DMARC is a type of email authentication protocol that leverages the widely used SPF and DKIM protocols to improve a sender’s understanding of how their email in circulation is processed. Email claiming to be from their domain is analyzed by receiving organizations and a digest of acceptance/failures is sent back to the sender. DMARC is used to reduce spam and fraudulent email by giving senders information on what recipients see. DMARC stands for Domain-based Message Authentication, Reporting & Conformance.
How is DMARC setup?
DMARC uses DNS to publish information on how an email from a domain should be handled. Because it uses DNS, anyone can publicly access your DMARC record to see how to process email that is reportedly from your domain. This also makes it simple to deploy, only requiring a DMARC (TXT) record.
An example DMARC record from Google.com.
How is it used?
DMARC is used in conjunction with SPF and DKIM. Essentially a sender’s DMARC record tells a recipient what to do with suspicious email purporting to come from a sender. Does it have a proper DKIM signature (and should it)? Does it match authorized senders in the SPF record? Should I pass it on, quarantine it or send it back? Finally, is there an email address I can forward information about suspicious emails so that the sender is aware of the problem? DMARC records contain all of these policy decisions.
Why do I need DMARC?
DMARC helps in the fight against malicious email practices that put your business in danger. Whether you are doing e-commerce or offline sales, your business uses email as a primary means of communication with employees, customers and suppliers. Unsecured email is easy to spoof and increasingly sophisticated criminals are finding lucrative ways to utilize email. DMARC helps senders and receivers of email work together to better secure email and reduce spoofing.
MxToolbox Tools for DMARC
MxToolbox has the free tools you need to test your DMARC setup and compare it to best practices. MxToolbox’s DMARC lookup checks your DNS DMARC record for availability and compatibility with RFCs, which is especially useful when you setup your initial DMARC record.
A simple DMARC record for Google.com. This one instructs recipients to reject email that comes from Google.com that doesn’t pass DKIM and SPF and where to send the feedback about rejected emails.
A more complex DMARC record used by Outlook.com
Once your record is setup, it is a good idea to monitor your DMARC record to make sure it is publicly accessible. MxToolbox Monitoring Solutions provide a first-line defense against missing or lost DNS records, like your DMARC record.
What’s coming? [Updated]
MxToolbox is dedicated to making it easier for you to get your message through to your customers, by providing free tools and paid services. MxToolbox Delivery Center is an advanced Email Deliverability Management Platform that leverages DMARC to give you everything you need to improve your email delivery. Whether you need to protect your brand from email fraud and phishing or improve your email delivery, MxToolbox Delivery Center is the best solution for your business.
Pingback: Announcing MxDelivery Center | MxToolbox Blog
Pingback: Why Blacklisting isn’t really the problem.. | MxToolbox Blog
Pingback: DMARC Record Missing Alerts | MxToolbox Blog
Pingback: DMARC Record Missing Alerts – Email Marketing
Pingback: Identifying Legitimate Emailers | MxToolbox Blog
Pingback: Managing the Reputation of 3rd Party Emailers | MxToolbox Blog
Pingback: Identifying Email Phishing | MxToolbox Blog