DMARC

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a specification developed to reduce the misuse of email, such as mail spoofing.

DMARC builds on the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) techniques by specifying, for a sender domain, how the recipient mail server should authenticate email and how to proceed in case of failure.

While SPF describes who is allowed to send mail for a domain and DKIM ensures that a message arrives from the sender unchanged in certain respects, the DMARC specification additionally allows the sender to recommend how the recipient should handle mail that does not meet the requirements in one or both cases.

Provided that the recipient mail system applies the DMARC specification to e-mail messages, this ensures consistent verification of the authenticity of these e-mails.

The DMARC policy for a sender domain can be obtained by the recipient’s mail server from an entry in the Domain Name System (DNS).

DMARC also has an integrated reporting component. This means that the domain owner receives feedback in the event of misuse of their e-mail addresses and can even identify who is carrying out the misuse.
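The following added example (not part of the original page) shows how a recipient could read the DNS policy entry and the reporting addresses described above, using the tag names from RFC 7489. The sample record, the function names and the boolean inputs for the aligned SPF and DKIM results are assumptions made for illustration; the DNS lookup itself is left out so the code runs offline.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}

# Constructed sample TXT record, as it would be published at _dmarc.example.com
SAMPLE_RECORD = ("v=DMARC1; p=quarantine; sp=reject; pct=50; adkim=s; "
                 "rua=mailto:dmarc-reports@example.com,mailto:agg@example.net")

def dmarc_query_name(domain):
    """DNS name whose TXT record carries the DMARC policy for `domain`."""
    return "_dmarc." + domain.strip(".").lower()

def parse_dmarc(txt):
    """Parse a 'tag=value; tag=value' record; return None if it is not usable."""
    pairs = [part.split("=", 1) for part in txt.split(";") if "=" in part]
    pairs = [(k.strip().lower(), v.strip()) for k, v in pairs]
    # The version tag must come first and must be exactly DMARC1.
    if not pairs or pairs[0] != ("v", "DMARC1"):
        return None
    tags = dict(pairs)
    rua = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    p = tags.get("p", "").lower()
    if p not in VALID_POLICIES:
        # A missing or invalid policy with a report address is treated as p=none.
        if not rua:
            return None
        p = "none"
    sp = tags.get("sp", "").lower()
    pct = tags.get("pct", "100")
    pct_ok = pct.isascii() and pct.isdigit() and int(pct) <= 100
    return {
        "p": p,
        "sp": sp if sp in VALID_POLICIES else p,  # subdomains default to p
        "pct": int(pct) if pct_ok else 100,       # share of mail the policy covers
        "adkim": tags.get("adkim", "r"),          # r = relaxed, s = strict alignment
        "aspf": tags.get("aspf", "r"),
        "rua": rua,                               # aggregate report recipients
    }

def disposition(policy, spf_aligned_pass, dkim_aligned_pass, is_subdomain=False):
    """One aligned pass (SPF or DKIM) satisfies DMARC; otherwise the policy applies."""
    if spf_aligned_pass or dkim_aligned_pass:
        return "pass"
    return policy["sp"] if is_subdomain else policy["p"]

if __name__ == "__main__":
    policy = parse_dmarc(SAMPLE_RECORD)
    print(dmarc_query_name("example.com"), policy)
    print(disposition(policy, spf_aligned_pass=False, dkim_aligned_pass=False))
```
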


See also:
Wikipedia: DMARC