What is DMARC (Domain-based Message Authentication, Reporting & Conformance)?

🔎 What is DMARC?

DMARC is an email authentication protocol, using Sender Policy Framework, (SPF) and DomainKeys identified Mail (DKIM). It is published in the DNS records so that any receiving email server can authenticate the incoming email, and get protected against malicious activities like "email spoofing".

It allows:

• The owner of a domain to signal in DNS records which security protocols (SPF, DKIM, or both) are implemented when sending email from that domain.
• The sender to define how to handle emails that didn't pass the authentication (using DKIM and SPF). Either it can send them in spam for quarantine, or block them.
• The sender to get a detailed report of his domain activities to identify rapidly suspicious ones.

Basically, DMARC makes it simpler for ISP (Internet Service Providers) to identify malicious emails and make the internet a safer place.

‍

💡 Why it is so important?

DMARC is an extension of existing email authentication methods like DKIM and SPF. It makes sure that no unauthenticated users will be able to send email from your domain, protecting your brand and the trustworthiness of your domain.

It's also an indicator used by ISPs to flag emails as spam or not. Having a DMARC set up for your domain will improve your overall email deliverability.

‍

📹 Video explanation