How does DMARC work?

Introduction to DMARC

Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication protocol that builds on SPF and DKIM to provide a comprehensive solution for protecting email domains from unauthorized use, such as email spoofing and phishing.

Authentication

DMARC enhances email security by adding an extra layer of protection over SPF and DKIM through a process called Alignment:

  1. SPF Alignment:

    • DMARC checks that the domain in the "From:" address matches the domain of the Return-Path (envelope sender) address that SPF validates.
  2. DKIM Alignment:

    • DMARC checks that the domain in the "From:" address matches the domain specified in the d= parameter of the DKIM signature.

By introducing alignment, DMARC ensures that both SPF and DKIM not only authenticate the email but also confirm that the "From:" address is legitimate and protected.

Reporting

DMARC provides two types of reports that help administrators monitor and manage email authentication:

  1. Aggregate Reports:

    • These reports summarize email authentication outcomes: the delivery status, the sending IP addresses, and the results of the SPF and DKIM checks. They help domain owners assess the overall health and effectiveness of their email authentication setup, and they are the main source of insight for spotting authentication problems and potential abuse of the domain.
  2. Failure Reports:

    • These reports give in-depth detail about individual emails that fail DMARC checks. They may include the "From:" address, the "To:" address, the subject line, and the headers of the failed email. However, they are not widely supported by major providers because of concerns about Personally Identifiable Information (PII). Administrators can still address authentication issues effectively by relying on Aggregate Reports.

Conformance

DMARC allows domain owners to specify a policy that instructs receiving servers on how to handle emails that fail DMARC checks. The policy options include:

  1. p=none:

    • No specific action is taken. The email is delivered as usual, but reports are still generated.
  2. p=quarantine:

    • The email is treated with suspicion and typically placed in the recipient's spam or junk folder.
  3. p=reject:

    • The email is rejected outright and not delivered to the recipient.

By defining a clear policy, domain owners can control the treatment of emails that fail DMARC checks, ensuring consistent handling and enhancing email security.
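As an added worked example (not code from the original article), the following Python sketch ties the Authentication and Conformance sections together: it parses a DMARC record, applies strict or relaxed alignment of the SPF and DKIM domains to the "From:" domain, and returns the disposition the published p= policy calls for. The aspf/adkim alignment tags, the sample record and the two-label organizational-domain shortcut are assumptions not taken from the article above.

```python
"""Added example, not from the original article: evaluate DMARC alignment
and pick the disposition for one inbound message.
Assumptions: the organizational domain is approximated as the last two
labels of a hostname (real receivers use the Public Suffix List), and the
SPF/DKIM pass-fail results come from an earlier verification step."""


def parse_dmarc_record(txt):
    """Split a DMARC TXT record into lowercase tag -> value pairs."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags


def org_domain(domain):
    """Approximate the organizational domain (assumption: last two labels)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain, auth_domain, mode):
    """Strict ('s') requires an exact match; relaxed ('r') allows subdomains."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def evaluate_dmarc(record, from_domain, spf_domain, spf_pass, dkim_domain, dkim_pass):
    """Return (dmarc_pass, disposition). A message passes DMARC if at least one
    of SPF or DKIM both passed and aligns with the From: domain; otherwise the
    published p= policy decides the disposition."""
    tags = parse_dmarc_record(record)
    spf_ok = spf_pass and aligned(from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_pass and aligned(from_domain, dkim_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return True, "none"
    return False, tags.get("p", "none")


# Constructed DMARC record for example.com: relaxed SPF, strict DKIM alignment.
RECORD = "v=DMARC1; p=reject; aspf=r; adkim=s; rua=mailto:dmarc@example.com"

if __name__ == "__main__":
    # Legitimate bulk sender: Return-Path on a subdomain passes via relaxed SPF.
    print(evaluate_dmarc(RECORD, "example.com", "bounce.example.com", True, "", False))
    # Spoofed From: SPF and DKIM pass for another domain but do not align.
    print(evaluate_dmarc(RECORD, "example.com", "mailer.example.net", True, "example.net", True))
```

The second call shows why alignment matters: both SPF and DKIM pass for the sender's own domain, yet DMARC fails and the p=reject disposition applies because neither authenticated domain matches the "From:" domain.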

Conclusion

DMARC works by adding alignment to SPF and DKIM, protecting the "From:" address, and providing detailed reporting and policy enforcement. Its three pillars—Authentication, Reporting, and Conformance—work together to significantly improve email security, helping domain owners prevent unauthorized use of their email domains and ensuring reliable and safe email communication.