DMARC
Definition
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that helps domain owners prevent email spoofing by defining how receiving servers should handle messages that fail both SPF and DKIM checks.
Examples
- A company sets up a DMARC policy to reject emails that fail authentication, blocking spoofed messages pretending to come from their domain.
- An organization uses DMARC reports to monitor unauthorized use of its email domain by third-party servers.
Overview
DMARC is a security protocol designed to combat email spoofing, phishing, and spam by giving domain owners control over how unauthenticated messages are handled. It builds on two existing protocols — SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) — and introduces a policy framework that tells receiving mail servers what to do when a message fails authentication.
DMARC also provides a reporting mechanism, allowing domain owners to receive feedback from email providers about who is sending email on their behalf. This transparency makes it easier to detect abuse and misconfigurations. As phishing campaigns often use spoofed sender addresses to impersonate trusted brands, DMARC is a crucial defense mechanism in modern email infrastructure.