Domain-based message authentication, reporting, and conformance – DMARC is a protocol that uses SPF and DKIM to determine the authenticity of an email. DMARC acts if the SPF and DKIM authentication fails.
The DMARC record is published alongside the DNS server which includes the following:
- SPF
- DKIM
- A-record
- CNAME
What Is DMARC Record?
In general terms, DMARC is a robust email authentication protocol that takes into account the power of both SPF and DKIM. DMARC is an excellent way of helping both the senders and receivers to create a healthy email environment.
DMARC is still relatively new and is evolving, unlike ,SPF & DKIM, everyone does not need DMARC.
How to set-up DMARC record in 4 simple steps
- Publish the DKIM and SPF records
- Contact your company’s DNS administrator
- Create a TXT record in DNS
- Verify with your mailers that identifiers are aligned properly
Here is the simple explanation of DMARC tags
Tag Name | Purpose | Example |
---|---|---|
V | Protocol version/month | v=DMARC1 |
pct | Percentage of messages subjected to filtering | pct=20 |
ruf | Reporting URI for forensic reports | ruf=mailto:[email protected] |
rua | Reporting URI of aggregate reports | rua=mailto:[email protected] |
p | Policy for organizational domain | p=quarantine |
sp | Policy for subdomains of the OD | sp=reject |
adkim | Alignment mode for DKIM | adkim=s |
aspf | Alignment mode for SPF | aspf=r |
Useful resources
- How to set-up DMARC record for Godaddy
- All you need to about DMARC record – DMARC WIKI
What is the need for DMARC authentication
Neither the email users nor the companies are safe from spamming and phishing incidence on the web. Several methods have been introduced over the years to prevent spam but all the methods have been working in the isolation.
Email recipients employ different methods for analyzing the incoming mail messages not limited to SPF and DKIM. DMARC records will not eliminate the need for deep analysis. But it harnesses the principles of SPF and DKIM to help both the senders and receivers by streamlining the process by coordinated efforts.
Importance of DMARC authentication
Spoofing is one the favorite tool of the spammers for getting into the user’s email accounts.
For example, an email turns out to be legitimate with most of the users if there is a logo of a big brand. Majority of email users will be unable to say of an email is a legit one.
DMARC addresses the issues of spoofing and phishing to protect both the senders and receivers. DMARC not only determines if the email is legitimate but also makes sure what needs to be done with the illegitimate email message.
Benefits of a DMARC record in general
- DMARC is a great way to stop any other parties to send emails from your domain. It is seen that publishing of DMARC records have boosted the sender’s reputation.
- The published DMARC records let you know who is sending emails from your domain.
- DMARC records help the overall email community to operate in a healthy and safer email environment by framing consistent policies for email authentication failures.
Benefits of a DMARC record for domain owners
- DMARC record acts as the signal that the domain users are using SPF as well as DKIM email authentication protocols.
- DMARC record provides an email address to collect feedback about the email messages using their domain (Whether legit or not)
- DMARC allows to specify a policy for the message that fails authentication, i.e. to report, quarantine or reject.
Benefits of a DMARC record for email receivers
- Assures the receiver that an email received from a particular domain is using proper email authentication.
- Evaluation of SPF and DKIM
- Ability to set preferences for the email message is failing the authentication checks.
Over to you! Let us know any questions related to email deliverability issues and best practices.