AWS Route 53 DNS Setup Guide

Step-by-step guide to configure DMARC records in AWS Route 53

This guide walks you through adding your DMARC record to AWS Route 53.

Prerequisites

  • AWS account with Route 53 access
  • Your domain configured in Route 53
  • DMARC record from DMARC Nerd
  • IAM permissions to manage Route 53 records

Step-by-Step Instructions

1. Log in to AWS

  1. Go to aws.amazon.com
  2. Click Sign In to the Console
  3. Enter your credentials
  4. Search for “Route 53” and click the service

2. Select Your Hosted Zone

  1. In the Route 53 console, click Hosted zones in the sidebar
  2. Find your domain in the list
  3. Click on your domain name to open it

3. Create a New Record

  1. Click the Create record button
  2. The record creation form will appear

4. Configure the DMARC Record

Fill in the fields as follows:

Record name:

  • Enter _dmarc
  • Do not add the domain suffix yourself (Route 53 will append it)
  • Final name should be: _dmarc.yourdomain.com

Record type:

  • Click the dropdown
  • Select TXT from the list

Value:

  • Paste your DMARC record from DMARC Nerd
  • Example: v=DMARC1; p=none; rua=mailto:[email protected]
  • Note: AWS may wrap the value in quotes automatically

TTL (Time To Live):

  • Leave as default (300 seconds)
  • Can be adjusted, but 300 is fine

Routing policy:

  • Leave as “Simple routing”

5. Save Your Record

  1. Click the Create record button
  2. AWS will process the record
  3. You should see a success message

Verifying Your Record

Option 1: Route 53 Console

  1. Go back to your hosted zone
  2. Look for the _dmarc record in the list
  3. It should show as type “TXT”

Option 2: AWS CLI

Run this command in your terminal:

aws route53 list-resource-record-sets --hosted-zone-id <your-zone-id> --query "ResourceRecordSets[?Name=='_dmarc.yourdomain.com.']"

Option 3: DMARC Nerd

  1. Log in to DMARC Nerd
  2. Go to your domain settings
  3. Click Verify DNS Record
  4. The record should show as verified

Troubleshooting

Record not appearing?

  • Ensure Record type is set to TXT
  • Confirm Record name is _dmarc (without domain)
  • Click Create record again if not saved
  • Wait 2-5 minutes for Route 53 to propagate

DMARC Nerd shows record as invalid?

  • Verify the record value matches exactly
  • Check for extra spaces or special characters
  • Copy directly from DMARC Nerd, not from elsewhere
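
The checks above can also be run locally against the JSON that the AWS CLI command in Option 2 prints. This is an added example, not code from DMARC Nerd or AWS; the function names, the sample output and the rua address are constructed for illustration. It covers basic DMARC syntax only: v=DMARC1 first, a valid p= policy, mailto: report addresses, no stray non-ASCII characters, and exactly one DMARC record.

```python
import json
import re

# Constructed sample of the Option 2 CLI output; the rua address is a placeholder.
SAMPLE_CLI_OUTPUT = r'''
[{"Name": "_dmarc.yourdomain.com.", "Type": "TXT", "TTL": 300,
  "ResourceRecords": [
    {"Value": "\"v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com\""}]}]
'''
VALID_POLICIES = {"none", "quarantine", "reject"}


def unquote_txt(value):
    """Join the quoted strings of a Route 53 TXT value into one string."""
    parts = re.findall(r'"((?:[^"\\]|\\.)*)"', value)
    return "".join(parts) if parts else value


def check_dmarc(record):
    """Return a list of problems found in one DMARC record string."""
    problems = []
    if not record.isascii():
        problems.append("non-ASCII character (smart quote or hidden space?)")
    tags = [t.strip() for t in record.split(";") if t.strip()]
    pairs = [tuple(s.strip() for s in t.partition("=")[::2]) for t in tags]
    if not pairs or pairs[0] != ("v", "DMARC1"):
        problems.append("record must start with v=DMARC1")
    found = dict(pairs)
    if found.get("p") not in VALID_POLICIES:
        problems.append("p= must be none, quarantine or reject")
    for uri in filter(None, found.get("rua", "").split(",")):
        if not uri.strip().lower().startswith("mailto:"):
            problems.append(f"rua target is not a mailto: URI: {uri.strip()}")
    return problems


def check_cli_output(cli_json):
    """Check every TXT value in the record sets returned by the CLI."""
    values = [unquote_txt(rr["Value"])
              for rs in json.loads(cli_json) if rs["Type"] == "TXT"
              for rr in rs["ResourceRecords"]]
    dmarc = [v for v in values if v.lstrip().startswith("v=DMARC1")]
    if len(dmarc) != 1:
        return [f"expected exactly one DMARC record, found {len(dmarc)}"]
    return check_dmarc(dmarc[0])


if __name__ == "__main__":
    print(check_cli_output(SAMPLE_CLI_OUTPUT) or "record looks valid")
```

An empty list means the record passed; to check a live zone, pass the CLI command's output to check_cli_output instead of the sample.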

Domains not working?

  • Ensure your domain is properly delegated to Route 53
  • Check that Route 53 nameservers are set at your registrar
  • Verify the hosted zone ID is correct

What Happens Next?

  1. Your DMARC record is now active
  2. Email receivers begin checking your policy
  3. Reports start generating immediately
  4. On the first Monday morning, you’ll receive your aggregated report

Need Help?

Contact our support team - we’re happy to help!