What is DMARC? Geeky Edition!

Article3Cybersecurity
Written By Hayley Ravotti

We also have this information in video format. 

DMARC, Domain-based Message Authentication, Reporting & Conformance, is an email security protocol that verifies email senders by building on the DNS services and the SPF, and DKIM protocols (put graphic with acronym defs). It was created to block the threat of email spoofing, domain spoofing, email phishing, business email compromise, and other email-based attacks.

By the way, email delivery folks like Google and Yahoo are starting to require DMARC in order for your email to get delivered. No DMARC? Your email won’t get delivered (so far this is for people sending over 5,000 emails per day). Like it or not, you need to pay attention to this.

DMARC works by first requiring DKIM or SPF to be in place on an email domain for every party that sends email on the behalf of that domain. And there needs to be a DMARC record to be in the DNS. For a message to pass DMARC authentication, it must pass SPF authentication and DKIM authentication. If the message fails either authentication, senders can instruct receivers on what to do via a DMARC policies which are none, quarantine, and reject.

If the message fails DMARC protocol and the DMARC policy is "none," then the email still gets sent through even though it failed. If the policy is "quarantine," the email gets sent to the spam/junk folder. And if the policy is "reject," the email is, you guessed it, not delivered.

Creating a strong DMARC policy is important because it also tells email servers who are receiving your emails summary reports back to a reporting email address to provide insight on how your email moved through the ecosystem. It's another step in allowing you to identify everything that uses your email domain.

Why use DMARC?

  • improves email deliverability

  • lowers the risk of email phishing attacks

  • protects domain reputation

  • provides thorough authentication reporting

  • enforces sender policies

Still confused about all of these acronyms? Check out our videos on DNS, SPF, and DKIM. You can also visit our Check Your DMARC webpage and submit a form with your question!

Hayley Ravotti

About Hayley

Simplex-IT, Video Editor/Producer

Hayley's a passionate Video Producer with a love for creating educational content. Her love for cameras started when she was young and inspired her to continue her education and get a degree in Communications Media Production. Her journey with Simplex-IT has amounted to over 400 videos including both long form and short form content. Hayley's the brains behind the camera and is also the producer for the Biz-Tech Twists Podcast.

Connect with Hayley on LinkedIn: www.linkedin.com/in/hayley-ravotti

Previous

Bridging The Trust Gap Between Your Employees And AI
Next

Why Saving Passwords on Your Computer is a Risk You Can't Afford