What is DMARC
Domain-based Message Authentication Reporting and Conformance (DMARC) is used to authenticate an email by aligning SPF and DKIM mechanisms. By having DMARC in place, domain owners large and small can fight business email compromise, phishing and spoofing.
With DMARC you can tell the world how to handle the unauthorized use of your email domains by instituting a policy (p=) in your DMARC record.
The video below explains how this works:
Why Use DMARC for Email?
Email is involved in more than 90% of all network attacks and without DMARC, it can be hard to tell if an email is real or fake. DMARC allows domain owners to protect their domain(s) from unauthorized use by fighting phishing, spoofing, CEO fraud, and Business Email Compromise.
By always sending DMARC compliant email, the operator of an Internet domain can tell the world “everything I send is easy to identify using DMARC—feel free to drop fake email that pretends to be me.”
DMARC’s utility as an anti-spoofing technology stems from a significant innovation; instead of attempting to filter out malicious email, why not provide operators with a way to easily identify legitimate email? DMARC’s promise is to replace the fundamentally flawed “filter out bad” email security model with a “filter in good” model.
Benefits of DMARC
When strong security controls are deployed against fraudulent email, delivery is simplified, brand reliability increases and visibility is granted to domain owners on how their domains are being used around the Internet.
DMARC’s original use-case. DMARC provides visibility of how a domain is used and prevents unauthorised senders from sending email on behalf of an organization.
Organisations need email to be reliable. DMARC is the foundation for reliable email delivery, and is often the first step taken to resolve email delivery issues.
Industries, governments, and regulators are increasingly requiring DMARC to be in place. It is also becoming a requirement for many cybersecurity insurance providers.