What is DMARC?

December 28, 2016
Mark Guntrip

The DMARC (Domain-based Message Authentication Reporting and Conformance) standard is one of your company’s best defenses against today’s advanced email threats including business email compromise (BEC) and consumer phishing.

In this post, the third in our email authentication series, we’ll reveal what it is, how it works, and why it matters.

What is DMARC?

DMARC (Domain-based Message Authentication Reporting and Conformance) is the first and only email authentication technology that can make the From address that users see in their email clients trustworthy.

DMARC ensures that legitimate email is properly authenticating against established DKIM (DomainKeys Identified Mail)  and SPF (Sender Policy Framework) standards, and that fraudulent activity spoofing domains under your company’s control is blocked.

How does DMARC work?

To pass DMARC, a message must pass SPF authentication and SPF alignment and/or DKIM authentication and DKIM alignment.

An email passes SPF alignment when the visible From address domain matches the hidden Mail From address domain (aka envelope from or mfrom) within the header of the email. An email passes DKIM alignment when the visible From address domain name matches the “d=domain name” in the DKIM signature.

If a message fails DMARC, senders can instruct receivers of the message (email providers and/or secure email gateways) on how to handle it via a DMARC policy. Senders can either:

  • Monitor all failed messages to understand their own email authentication ecosystem
  • Quarantine messages that fail DMARC (e.g., move to the spam folder)
  • Reject messages that fail DMARC (e.g., don’t deliver the mail at all)

Receivers then send regular DMARC reports back to senders, giving them visibility into what messages are authenticating, what messages are not, and why.

Why Does DMARC Matter?

While educating end users about email fraud is critical, it cannot be your organization’s first line of defense. According to Verizon, 30 percent of recipients open phishing messages and 12 percent click on attachments. DMARC removes the guesswork for employees and customers, nullifying an entire class of phishing messages.

Want to learn how to implement DMARC at your organization? Download our Email Authentication Kit here.