Skip to main content
DMARC Guide for Shopify Customers

DMARC Guide for Shopify Customers

dmarcian PlatformEmail Security InsightsTechnical Guidance

Google and Yahoo’s DMARC requirements will be enforced in February 2024 for higher volume senders. We have resources to help you prepare for DMARC and other sender requirements to ensure your email delivery won’t be disrupted.

Why DMARC now?

There are few mechanisms that prohibit bad actors from sending an email pretending to be you. DMARC is the main control for fighting domain abuse. It’s a free and open technical specification that authenticates emails with SPF and DKIM. By publishing a DMARC record in your domain’s DNS, you can fight business email compromise, phishing and spoofing.

DMARC, SPF and DKIM aren’t newcomers to the email authentication scene—they’ve been around for over a decade and have grown to become a best practice. Email is involved in more than 90% of all network attacks; without DMARC, it can be hard to tell if an email is real or fake. Because of the increased email abuse, senders and receivers like Google and Yahoo have to reinforce their defenses with the DMARC control.

How is DMARC going to help?

Increased DMARC adoption, which is what Google and Yahoo are promoting, will help ensure that email can continue to be a trusted mode of communication. Adopting DMARC for your domain will improve the trustworthiness of your email, and it will also contribute to the network effort as more and more domain owners accomplish DMARC adoption.

For large enterprises, DMARC has been a cornerstone of email security and brand reputation for a decade. Now, Google and Yahoo are compelling senders of all sizes to reap the benefits of DMARC. In a way, Google and Yahoo are pushing you to help them, so that in turn, they can trust your email and provide more reliable delivery.

How to meet the DMARC mandate with Shopify

Before you begin: You need to either access your Shopify admin dashboard or your DNS hosting provider’s management console to make these changes, which will be adding Text (TXT) files.

  • Create a no-cost trial account if you haven’t already.

  • Create or retrieve your DMARC record. If you are an existing dmarcian customer or just started a trial, this information is available within your account under step two of the Quick Guide “Add DMARC Record.” We’ve also sent you an email with this same information on the day of sign up. Search your inbox for emails that came from support@dmarcian.com. And here’s more information on how to publish a DMARC record.

  • When adding the DMARC record it looks something like this:
Sample DMARC record in DNS

NOTE: In some cases you will enter _dmarc for the host/target name; in other instances, it will be _dmarc <domain name>. With Shopify, it will be _dmarc in most cases.

  • After data has populated in your dmarcian account, it’s time to get your sources into DMARC alignment. DMARC alignment means that the From header (the email domain you see when you send email) needs to match (called alignment in DMARC) the SPF domain and the DKIM domain in those records. To achieve this alignment, you need to set up SPF and/or DKIM to use your domain when sending emails on your behalf.

    • Use the Source Configuration Guide links next to each source in the application’s Source Viewer to find instructions on how to create and add these records.

  • Once your DMARC record is successfully added and your sources are in compliance, you have met the DMARC portion of the Yahoo/Google requirements.


A guide to help you get started and reach DMARC compliance with our DMARC Management Platform.



What if I don’t do anything?

In announcing the change, Shopify says that “if you take no action by February 1, we will rewrite your sender email to store@shopifyemail.com to meet the minimum requirements outlined by Google and Yahoo, so you can continue sending emails to your customers without interruption.” You can learn more from Shopify here.

How dmarcian can help

With a team of email security experts, a network of helpful partners, and a mission of making email and the internet more trustworthy through domain security, dmarcian is here to help assess an organization’s domain catalog and implement and manage DMARC for the long haul.

The following are no-cost dmarcian resources to help you understand and deploy DMARC:

  • Knowledge Base – A blog designed to educate and advocate for DMARC.
  • Tools – Our full suite of free tools to assist people deploying DMARC.
  • Videos – Our popular video series on all things DMARC.

Ask questions and provide feedback to other Shopify customers deploying DMARC.