Why Do You Need DMARC?
Why Do You Need DMARC? End users and companies all suffer from the high volume of spam and phishing on the Internet. Over the years several methods have been introduced to try and identify when mail from (for example) IRS.GOV really is, or really isn’t coming from the IRS. However:
- These mechanisms all work in isolation from each other
- Each receiver makes unique decisions about how to evaluate the results
- The legitimate domain owner (e.g. IRS) never gets any feedback
DMARC attempts to address this by providing coordinated, tested methods for:
- Domain owners to:
- Email receivers to:
- Be certain a given sending domain is using email authentication
- Consistently evaluate SPF and DKIM along with what the end user sees in their inbox
- Determine the domain owner’s preference (report, quarantine or reject) for messages that do not pass authentication checks
- Provide the domain owner with feedback about messages using their domain
A domain owner who has deployed email authentication can begin using DMARC in “monitor mode” to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a “reject” policy.
Learn more about DMARC