DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication policy and reporting protocol. DMARC allows a recipient to confirm that an email is truly coming from the sender and is not a piece of spam or a phishing attack.
DMARC combines the power of two other email authentication methods: SPF and DKIM. It ensures that the email receiver blocks any kind of fraudulent email messages that may be coming from a specific domain. Through support from ISPs (Gmail, Yahoo, Microsoft, and more) DMARC also allows you to receive reports on sending activity for your domain.
DMARC ensures that legitimate email is properly authenticated against established DKIM and SPF standards.
Senders can either:
DMARC’s alignment feature prevents spoofing of the “header from” address by:
To pass DMARC, a message must pass SPF authentication and SPF alignment, or DKIM authentication and DKIM alignment, or both. A message will fail DMARC if the message fails both (1) SPF or SPF alignment and (2) DKIM or DKIM alignment.
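The failure rule above (a message fails DMARC only when both the SPF leg and the DKIM leg fail) can be worked through in code. This is an added example, not code from the original page; the `Message` class, the sample messages and the two-label `org_domain` shortcut are assumptions made for illustration, and it also covers relaxed versus strict alignment as defined in RFC 7489.

```python
from dataclasses import dataclass

def org_domain(domain: str) -> str:
    # Assumption: the organizational domain is the last two labels.
    # A real evaluator derives it from the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: str, from_domain: str, strict: bool = False) -> bool:
    # Strict alignment needs an exact match; relaxed only needs the same
    # organizational domain.
    a, f = auth_domain.lower().rstrip("."), from_domain.lower().rstrip(".")
    return a == f if strict else org_domain(a) == org_domain(f)

@dataclass
class Message:          # hypothetical summary of one message's auth results
    header_from: str    # domain in the visible From: header
    spf_result: str     # "pass", "fail", "none", ...
    spf_domain: str     # envelope sender (MAIL FROM) domain SPF checked
    dkim: list          # [(result, d= domain), ...], one per signature

def dmarc_eval(msg: Message, strict_spf=False, strict_dkim=False) -> dict:
    # Each leg needs authentication AND alignment with the header From domain.
    spf_leg = msg.spf_result == "pass" and aligned(
        msg.spf_domain, msg.header_from, strict_spf)
    dkim_leg = any(res == "pass" and aligned(d, msg.header_from, strict_dkim)
                   for res, d in msg.dkim)
    verdict = "pass" if (spf_leg or dkim_leg) else "fail"
    return {"spf_leg": spf_leg, "dkim_leg": dkim_leg, "dmarc": verdict}

# Constructed sample messages (reserved example domains only).
SAMPLES = {
    # Sent through a third-party service: SPF passes for the service's own
    # bounce domain (unaligned), DKIM is signed by a subdomain of the brand.
    "esp": Message("example.com", "pass", "bounce.example.net",
                   [("pass", "mail.example.com")]),
    # Spoofed From: SPF and DKIM both pass, but for an unrelated domain.
    "spoof": Message("example.com", "pass", "example.org",
                     [("pass", "example.org")]),
    # Forwarded mail: SPF breaks at the forwarder, aligned DKIM survives.
    "forwarded": Message("example.com", "fail", "example.com",
                         [("pass", "example.com")]),
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, dmarc_eval(msg))
    print("esp, strict DKIM", dmarc_eval(SAMPLES["esp"], strict_dkim=True))
```

The `spoof` sample is the case alignment exists for: both SPF and DKIM authenticate, yet neither vouches for the domain shown in the From header, so DMARC fails.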
The main work of DMARC is to detect and prevent email spoofing and phishing, such as phishing scams designed to look like they are coming from your bank, prompting you to click on a link to reset your password or to give them your information.
DMARC addresses these issues, helping email senders and receivers work together to better secure emails, protecting users and brands from painfully costly abuse.