What is DMARC?
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email validation system designed to protect your company’s email domain from being used for email spoofing, phishing scams and other cybercrimes. It builds on the existing email authentication techniques SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). DMARC adds an important function: reporting. When a domain owner publishes a DMARC record in their DNS, they gain insight into who is sending email on behalf of their domain. This information gives a detailed view of the email channel, and with it a domain owner can take control of the email sent on their behalf. You can use DMARC to protect your domains against abuse in phishing or spoofing attacks.
How does DMARC help?
Organizations and their clients are being harmed by malicious emails sent on their behalf, and DMARC can block these attacks. With DMARC an organization can gain insight into its email channel. Based on that insight, organizations can work on deploying and enforcing a DMARC policy.
When the DMARC policy is enforced at p=reject, organizations are protected against:
- Phishing aimed at customers of the organisation
- Brand abuse & scams
- Malware and ransomware attacks
- Spear phishing and CEO fraud aimed at employees
DMARC Policies
Monitor policy: p=none
The DMARC policy none instructs email receivers to send DMARC reports to the address published in the RUA or RUF tag of the DMARC record. The none policy gives insight into the email channel but does not instruct email receivers to handle emails failing the DMARC checks differently, which is why it is also known as the monitor policy. The none policy only gives insight into who is sending email on behalf of a domain and will not affect deliverability.
Quarantine policy: p=quarantine
The DMARC policy quarantine instructs email receivers to put emails failing the DMARC checks in the spam folder of the receiver.
Reject policy: p=reject
The DMARC policy reject instructs email receivers to not deliver emails failing the DMARC checks at all.
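To check which of the three policies a domain actually publishes, the record can be parsed and assessed as in the following added example (not from the original page). The function names and the sample records, including the example.com address, are constructed for illustration.

```python
# Added example, not from the original page. Sample records are constructed.
DISPOSITION = {  # what each policy asks receivers to do with failing mail
    "none": "no special handling (monitor only)",
    "quarantine": "place in the spam folder",
    "reject": "do not deliver",
}


def parse_dmarc(record):
    """Split a DMARC TXT record into an ordered dict of tag -> value."""
    tags = {}
    for part in record.split(";"):
        if "=" not in part:
            continue  # empty segment, e.g. after a trailing ';'
        name, value = part.split("=", 1)
        tags[name.strip().lower()] = value.strip()
    return tags


def uri_list(value):
    """rua/ruf hold a comma-separated list of report addresses."""
    return [u.strip() for u in value.split(",") if u.strip()]


def assess(record):
    """Return policy, handling of failing mail, report addresses and findings."""
    tags = parse_dmarc(record)
    findings = []
    if next(iter(tags.items()), None) != ("v", "DMARC1"):
        findings.append("record must start with v=DMARC1")
    policy = tags.get("p", "").lower()
    if policy not in DISPOSITION:
        findings.append("missing or unknown p= policy")
    rua, ruf = uri_list(tags.get("rua", "")), uri_list(tags.get("ruf", ""))
    if not rua and not ruf:
        findings.append("no rua/ruf address: no DMARC reports will arrive")
    if policy == "none":
        findings.append("monitor only: failing mail is not handled differently")
    return {"policy": policy, "failing_mail": DISPOSITION.get(policy),
            "rua": rua, "ruf": ruf, "findings": findings}


if __name__ == "__main__":
    for rec in ("v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
                "v=DMARC1; p=reject;"):
        print(rec, "->", assess(rec))
```

A record with an empty findings list is one that starts with v=DMARC1, enforces quarantine or reject, and names at least one report address.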