Domain-Based Message Authentication, Reporting, and Conformance (DMARC)

What is it?

"Domain-based Message Authentication, Reporting, and Conformance (DMARC)" is an email authentication protocol designed to combat email spoofing, phishing, and other fraudulent email activities by giving domain owners visibility and control over their email domain's usage. DMARC works with existing email authentication mechanisms such as SPF and DKIM to verify the authenticity of sender domains and enforce email delivery policies.

Key points to remember

  • Authentication Framework: DMARC provides domain owners with a framework for specifying how receiving mail servers should authenticate messages that claim to come from their domain, using the SPF and DKIM mechanisms.

  • Policy Enforcement: DMARC allows domain owners to set policies telling receivers how to handle emails that fail authentication checks: "none" (no action), "quarantine" (deliver to spam/junk folder), or "reject" (reject outright).


  • Reporting Mechanism: DMARC generates aggregate and forensic reports that give domain owners insights into email authentication results, including information on email sources, authentication failures, and potential abuse.


  • Implementation Considerations: DMARC implementation requires configuring SPF and DKIM records, publishing DMARC policies in DNS, and monitoring and analyzing DMARC reports to fine-tune authentication policies and improve email deliverability.


  • Industry Adoption: DMARC adoption is widespread among email service providers, government agencies, financial institutions, and other organizations concerned with email security and brand protection.

Example of Use

  1. Policy Enforcement: A company sets up a DMARC policy to "reject" all incoming emails that fail SPF and DKIM authentication checks, preventing unauthorized use of its domain for phishing attacks.


  2. Reporting and Analysis: An email administrator reviews DMARC aggregate reports to identify unauthorized sources sending emails on behalf of the organization's domain and takes corrective action to mitigate security risks.
