By themselves, SPF and DKIM can associate a piece of email with a domain. DMARC attempts to tie the results of SPF and DKIM to the content of email, specifically to the domain found in the From: header of an email. The domain found in the From: header of a piece of email is the entity that ties together all DMARC processing.

Because anyone can buy a domain and put SPF and DKIM into place (including criminals), the results of processing SPF and DKIM have to be related to the domain found in the From: header to be relevant to DMARC. This concept is referred to as Identifier Alignment.

Identifier Alignment is how existing email authentication technologies are made relevant to the content of an email. Getting identifiers to align ends up being a large part of the work of deploying DMARC.


What is DMARC?

Introducing DMARC DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It in fact sits on top of SPF and DKIM. What DMARC brings to


What is DKIM?

DomainKeys Identified Mail (DKIM) is the most complicated email authentication protocol out there. Even if you do extensive research, it’s hard to find one place

SPF Envelope

What is SPF?

The Sender Policy Framework (SPF) is an email-authentication technique which is used to prevent spammers from sending messages on behalf of your domain. With SPF