DMARC

Everyone knows those emails that seem from your bank, but are not. These are called phishing emails. Criminals try to steal your identity or payment information. If you use the SPF, DKIM and DMARC authentication techniques, you prevent criminals from using your domain (contact@domain.com).

DMARC is a technique that validates the sending address and the sending server (platform where the mail is sent from). It reduces the SPAM score of your mailings as e-mail servers increasingly expect your mails to be properly secured. So this benefits your delivery. 

DMARC

DMARC stands for Domain-based Message Authentication, Reporting & Conformance. DMARC is the best guarantee against phishing because DMARC is a policy for requiring authentication. It is an extra guarantee that indicates that your mailings are protected with SPF and DKIM.

Structure of DMARC

DMARC consists of SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail).

SPF

SPF stands for Sender Policy Framework and this technique ensures that a mailing that is sent on behalf of a sender (e.g. Spotler) is authorized by the owner or manager of the reply address (your organization). SPF is a part of the authentication technique DMARC. 

With SPF you indicate that Spotler is authorized to send emails on behalf of your organization. A receiving mail server can check the SPF record in the DNS of the domain of your organization. 

DKIM

DKIM ensures that a digital signature and a key are added to your mailings. Your organization therefore 'endorses' that the email sent was actually sent in the name of your organization. A receiving mail server will always check this key in the DNS of your company's domain.

DMARC reports back to you

If mailings are sent without SPF and/or DKIM, DMARC will report this back to you. This gives you insight into -possible- abuse of your domain name. Depending on how DMARC is set up, the sent mail will be:

  • decline
  • quarantined
  • delivered

Interesting articles: