DMARC is a form of email authentication that exists to prevent spammers from sending emails using your domain.
A DMARC record, which stands for Domain-Based Message Authentication, Reporting and Conformance, is a type of email authentication. In simpler terms, DMARC is an extra security measure you add to your domain to prevent spammers from spoofing your domain. DMARC isn't something can be enabled within ConvertKit, but instead is enabled within your web host.
DMARC exists to prevent others from sending unauthorized emails using your domain. However, DMARC implementation can be complex and, if it isn't done properly, can cause your legitimate messages to go to spam or bounce.
IMPORTANT: If you decide to use a DMARC record on your domain, you need to set up a Verified Sending Domain in your ConvertKit account in order for your emails to reach the inbox.
There are three levels of strictness for DMARC records you can choose from:
p=none: This means nothing will happen to your message if DMARC fails
p=quarantine: This means "quarantine a message that fails DMARC". You'll usually find a message in spam when this happens
p=reject: This means if the message didn't pass DMARC then it will be rejected (bounced)
How do I know if a DMARC record is right for me?
DMARC records are an extra security step for your domain that can keep your domain from being spoofed. It's best to start with a less severe policy when using a DMARC record for the first time. Just like many other deliverability practices, using DMARC will not ensure your emails go to the inbox.
When deciding to enable DMARC it is best that you do not use the most strict setting right away (p=reject). Instead, start with the least strict setting (p=none) and then progressively move up.
Additional DMARC Resources
For more information about how to create a DMARC record, check out this article: https://dmarcian.com/dmarc-record-wizard/
To check and see if you have a DMARC record on your domain, visit this tool: https://dmarcian.com/domain-checker/