Email deliverability is changing for the better, increasing security and reducing the likelihood of spam. Instead of guessing how to get your email delivered, all MAJOR email receivers are asking senders to make email easy to identify. This process is called ’email authentication’ and DMARC is the right way to do it.
What is DMARC?
Domain-based Message Authentication, Reports, and Conformance (DMARC) is the latest and greatest advance in email authentication. DMARC ensures that legitimate email is properly authenticating against established DKIM (Sender Policy Framework) and SPF (Domain Keys Identified Mail) standards, and that fraudulent activity appearing to come from domains under the organization’s control is blocked.
How does DMARC work?
DMARC’s prevents spoofing of the ‘header from’ address by:
- Matching the ‘header from’ domain name with the ‘envelope from’ domain name used during an SPF check, and
- Matching the ‘header from’ domain name with the ‘d= domain name’ in the DKIM signature
How to Pass DMARC:
To pass DMARC, a message must pass SPF authentication and SPF alignment and/or DKIM authentication and DKIM alignment. A message will fail DMARC if the message fails both:
- SPF or SPF alignment and
- DKIM or DKIM alignment
Why DMARC Matters
DMARC is the first and only widely deployed technology that can make the “header from” address (what users see in their email clients) trustworthy. Not only does this help protect customers, it also discourages cybercriminals.
To learn more about DMARC, click here.