User Tools

Site Tools


Receive dmarc reports to different domain

Add this in your dns zone file:  TXT "v=DMARC1;"

This is External Destination Verification. You can now receive DMARC reports for domain to email address.



15 09:42:58 nameserver named[25740]: /etc/bind/ bad owner name (check-names)
15 09:42:58 nameserver named[25740]: zone loading from master file /etc/bind/ failed: bad owner name (check-names)
15 09:42:58 nameserver named[25740]: zone not loaded due to errors.

This happens because bind9 strict RFC checking.

Check where in the zone file you have defined the record. Putting it after records where no hostname is defined doesn't seem to work and produces above message. Example:

                    MX   1
                    MX   5
                    MX   5
                    MX  10
                    MX  10
                    MX  15
            TXT "v=DMARC1;"        

This should work:

ns2                  AAAA <quadip..>

; External Destination Verification; receive DMARC reports from domain to email  TXT "v=DMARC1;"

Another solution is to turn off bind9 RFC checks in zone definition file (named.conf.local) by adding check-names warn;:

zone "" {
        type master;
        file "/etc/bind/";
        allow-query { any; };
        allow-transfer { slave_servers; };
        check-names warn;

See also


wiki/receive_dmarc_reports_different_domain.txt · Last modified: 2021/04/07 13:05 by antisa

Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki