DMARC, DKIM and SPF Alignments Explained

DMARC attempts to check that the address in the header ‘From’ is the real message origin or not. DKIM and SPF do not include the From header and Username.

Download FREE DMARC Implementation Guide

Alignment ensures that when using a relaxed configuration, all domains will align perfectly.

Difference between Header from Domain and Mail from Domain

Header from DomainMail from Domain
The domain portion of the email address that is most frequently available to end-users in an email recipient’s “From” area.The SPF authorization method is using this code. It is the domain part of the email address commonly found in the message header “Return-Path.” This is also commonly known as the location of the rebound.

SPF Alignment

SPF alignment for DMARC: Alignment of the sender policy framework (SPF) ensures that the domains of your email match.

  • Mail-Address (MFrom)
  • From the url of the header

There are two types of SPF alignment

Relaxed alignment: For relaxed alignment, only the MFrom address’s root domain will suit the Header From address’s root domain. Relaxed alignment helps to use a sub-domain and still meet the criteria of domain alignment.

Strict alignment: The scope of the MFrom address with strict alignment is an exact match for the address of the Header From domain.

DKIM Alignment

DKIM alignment for DMARC: DKIM matching is when the DKIM signature domain parent of your email meets the domain Header From.

There are two types of DKIM alignment

Relaxed alignment: That method of alignment allows the domain of the DKIM to suit the domain of the parent header. Relaxed alignment helps to use a sub-domain and still meet the criteria for domain alignment.

Strict alignment- That method of alignment includes an exact match of the DKIM domain to the Header “From” domain.

Download Implementation of DMARC

We have curated step by step guide to implementation of DMARC.

  • Products
  • Services

Get Secured Today!

Click that button and let’s chat! We promise to turn the murky, often scary world of cybersecurity into a walk in the digital park for your organization. Together, let’s make cybersecurity a piece of cake!