DMARC feature image

Why DMARC?

People and companies around the world suffer from the high volume of spam and phishing on the Internet. Over the years several methods have been introduced to try and identify when mail from (for example) myrealcompany.com really is, or really isn’t coming from myrealcompany.com. However:

  • These mechanisms all work separately and  isolated from each other
  • Each receiver makes their own decisions about the evaluation of the  results
  • The legitimate domain owner (e.g – myrealcompany) never gets any feedback

Enter DMARC.
DMARC addresses the above shortfalls by providing coordinated, tested methods for:

  • Domain owners to:
    • Signal that they are using email authentication (SPF, DKIM)
    • Provide an email address to gather feedback about messages using their domain –whether legitimate or not
    • A policy(report, quarantine, reject) to apply to messages that fail authentication
  • Email receivers to:
    • Be sure that a given sending domain is using email authentication
    • Consistently evaluate SPF and DKIM along with what the end-user sees in their inbox
    • Determine the domain owner’s preference (report, quarantine, or reject) for messages that do not pass authentication checks
    • Provide the domain owner with feedback about messages using their domain

DMARC is best implemented slowly (have u heard of a tree that has grown in a day 😛 ?)
A domain owner who has deployed email authentication will begin using DMARC in “monitor mode” to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they will change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly “quarantined”, they will move to a “reject” policy.

More related content for you

Scroll to top