How does DMARC work?

DMARC works by allowing the owner of a domain to publish a policy in the Domain Name System (DNS) that specifies which mechanisms are used to authenticate emails sent from their domain. When an email is received, the recipient's server can check the DMARC policy of the domain in the email's "From" field to see if the authentication results are aligned with the policy. If the authentication results are not aligned, the email may be marked as spam or rejected.