Email Authentication Next Steps – DMARC

How DMARC Email Authentication Works

How DMARC Email Authentication Works

DMARC (Domain-based Message Authentication, Reporting & Conformance) can be regarded as the latest advancement in email authentication. However, since it is not as conventional as SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail), we believe it is important to understand how DMARC is different, how it works and why should it matter to you.

So, to explain as clearly as possible, DMARC is a process that ensures that all legitimate emails are authenticating properly against established SPF and DKIM standards. It also ensures that any fraudulent activity appearing to be coming from domains that are under the control of the organization (defensively registered domains, active sending domains and non-sending domains) is blocked. Domain Alignment and Reporting are the two values of DMARC.
DMARC’s alignment feature effectively prevents any attempts of spoofing of the ‘header from’ address in the following way

⦁ It matches the ‘header from’ domain with ‘envelope from’ domain name that are used while performing an SPF check.
⦁ It matches the ‘header from’ domain name with the ‘d=domain name’ in DKIM signature.
In order to pass DMARC, the message has to pass SPF alignment and SPF authentication and/or DKIM alignment and DKIM authentication. A message will certainly fail DMARC if it fails any of these.

DMARC also helps senders in instructing email providers on how the authenticated mail has to be handled via a DMARC policy, eradicating any grey area for guesswork on how to treat mails that fail the authentication.

Senders can choose to either:
⦁ Quarantine the message(s) that fail DMARC (move it to spam folder),
⦁ Reject the message(s) that fail DMARC (don’t deliver the mail at all), OR
⦁ Monitor each and every mail, understanding the brand’s email authentication system and guarantee that a legitimate email is authenticating adequately enough, without any interference with delivery of the message(s) that failed DMARC.

Mailbox providers regularly send forensic and DMARC aggregate reports back to the senders, giving them complete visibility of the messages that are getting authenticated and the ones that are not, and why.

So why does DMARC really matter to you? The answer is quite simple – DMARC is the first and the only widely deployed technology that can authenticate the trustworthiness of the ‘header from’ address. This foolproof process protects customers and the brand, as well as discourages all cybercriminals to go after brands that have a DMARC record.

Read this article to find more about Mail Monitor’s email authentication processes.

Leave a Reply