HomeResourcesDMARC

DMARC

Domain-based Message Authentication, Reporting & Conformance
Leading email service and technology providers and organizations including OTA support DMARC as an emerging standard for reducing the threat of deceptive emails. The group's work includes a draft specification that helps create a feedback loop between legitimate email senders and receivers to make impersonation more difficult for phishers trying to send fraudulent email.  DMARC standardizes how email receivers perform email authentication using the well-known SPF and DKIM mechanisms.  

What is DMARC?

  • A multi-stakeholder effort to help provide domain owners enhanced brand security & integrity of the email channel.
  • Builds on lessons learned and the needs of brand owners and receiving networks.
  • Helps to address key deployment issues for of SPF and DKIM
  • Response to the need for a scalable and effective policy mechanisms
  •  Helps to combat phishing by tying visible Mail User Agent (MUA) “from” to DKIM or SPF authenticated domain

Domain Owners & Email Senders Benefits

  • Enhanced brand protection
  • Ability to communicate to receiving networks and ISPs what to do with illegitimate email
  • Feedback loop to improve and monitor their authentication infrastructure
  • Visibility on both the abuse of their domain and to optimize authentication across all domains and subdomains

Receiving Networks & ISPs Benefits

  • Clarity for handling of un-authenticated & failing email
  • A uniform and scalable way to determine email legitimacy
  • Freedom to act on email with confidence – no more guessing
  • Scalable methods to provide feedback to Domain Owners

End User Benefits:

  • Greater confidence of the email channel
  • Significant reduction in risk of phishing from DMARC domains

Resources
OTA Query Tool  for SPF & DMARC Records - Test DNS for valid records

Global Cyber Security Alliance - DMARC record generator & testing tool

Global Cyber Security Alliance - Monthly Training Webinars

Dmarcian - DMARC & SPF Tools

DMARC & TLS (Agari)

DMARC Record Generator (Agari)

DMARC.ORG

ValiMail Record Tester (SPF & DMARC)