Why Do You Need DMARC?

Why Do You Need DMARC? End users and companies all suffer from the high volume of spam and phishing on the Internet. Over the years several methods have been introduced to try and identify when mail from (for example) IRS.GOV really is, or really isn’t coming from the IRS. However:

  • These mechanisms all work in isolation from each other
  • Each receiver makes unique decisions about how to evaluate the results
  • The legitimate domain owner (e.g. IRS) never gets any feedback

DMARC attempts to address this by providing coordinated, tested methods for:

  • Domain owners to:
    • Signal that they are using email authentication (SPF, DKIM)
    • Provide an email address to gather feedback about messages using their domain – legitimate or not
    • A policy to apply to messages that fail authentication (report, quarantine, reject)
  • Email receivers to:
    • Be certain a given sending domain is using email authentication
    • Consistently evaluate SPF and DKIM along with what the end user sees in their inbox
    • Determine the domain owner’s preference (report, quarantine or reject) for messages that do not pass authentication checks
    • Provide the domain owner with feedback about messages using their domain

A domain owner who has deployed email authentication can begin using DMARC in “monitor mode” to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a “reject” policy.

Learn more about DMARC 

DMARC Lock

What is DMARC?

Introducing DMARC DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It in fact sits on top of SPF and DKIM. What DMARC brings to

DKIM Keys

What is DKIM?

DomainKeys Identified Mail (DKIM) is the most complicated email authentication protocol out there. Even if you do extensive research, it’s hard to find one place

SPF Envelope

What is SPF?

The Sender Policy Framework (SPF) is an email-authentication technique which is used to prevent spammers from sending messages on behalf of your domain. With SPF