What is DMARC (Domain-based Message Authentication Reporting & Conformance)?

Servers with the DMARC protocol
Compartilhar no facebook
Compartilhar no twitter
Compartilhar no linkedin
Compartilhar no reddit
Compartilhar no whatsapp

DMARC (Domain-based Message Authentication Reporting & Conformance) improves your email security and protection. It´s an email authentication, a set of policies and rules that uses SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to detect and prevent fraud.

DMARC standardizes the way emails are checked by servers. It means protection against spam and phishing.

Table of Contents

Identify advanced and targeted threats and block them faster with Gatefy
Icon of the Gatefy's cloud email security solution.

DMARC is a solution to prevent email fraud

Using authentication mechanisms, DMARC has an important role to define if an email is legitimate or a fake one. Besides that, its configuration will determine what should be done with an email, whether it must be delivered or not.

How DMARC works

DMARC works warning the mail servers that the sender’s messages are protected by SPF and/or DKIM and, if one of these authentication protocols fails, an action should be taken, such as reject the email. DMARC also allows senders to receive reports back about messages that have been delivered and/or failed.

Why you should use DMARC

You should use DMARC to block email spoofingphishing and spam. In other words, to prevent criminals from using your company’s name and brand to commit scams and frauds.

Let´s share dmarc.org answer to why DMARC is so important:

“Users can’t tell a real message from a fake one, and large mailbox providers have to make very difficult (and frequently incorrect) choices about which messages to deliver and which ones might harm users. Senders remain largely unaware of problems with their authentication practices because there’s no scalable way for them to indicate they want feedback and where it should be sent. Those attempting new SPF and DKIM deployment proceed very slowly and cautiously because the lack of feedback also means they have no good way to monitor progress and debug problems. DMARC addresses these issues, helping email senders and receivers work together to better secure emails, protecting users and brands from painfully costly abuse”.

DMARC Challenges

Before choosing to deploy DMARC, you should know that…

• DMARC protects your company against direct domain spoofing.

• It doesn’t guarantee protection against spoofing of the display name and similar domains, also called cousin domain attacks.

• Like DKIM, it has a complex deployment.


Yes, it’s fundamental to have these three mechanisms enabled: DMARC, DKIM and SPF. They work as a team, increasing your email security. Think you’d better defend yourself by having three different barriers than just one or two. As we say, the more useful protections your company has, the better.

More information about DMARC

Please, go to www.dmarc.org.

Improve your business’s email security. Schedule a demo!
Don't forget to share this post
Compartilhar no facebook
Compartilhar no twitter
Compartilhar no linkedin
Compartilhar no reddit
Compartilhar no whatsapp
Related Articles