What is DMARC?

Updated: Feb 28

Have you ever received an email claiming to be from your bank, but something felt off?

This is phishing—cybercriminals impersonating trusted entities to trick you.

Enter DMARC (Domain-based Message Authentication, Reporting, and Conformance), your email superhero!

DMARC is an email authentication protocol that ensures legitimate emails from your domain are delivered while keeping fraudulent ones out.

Think of it as your email’s bouncer, checking IDs before letting messages through.


SPF and DKIM: The Sidekicks in the Fight Against Fraud

Before DMARC can do its job, it relies on two sidekicks: SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).


In simple terms:


  • SPF verifies that an email’s sender is authorised to send emails for that domain.

  • DKIM adds a digital signature to your emails, proving they haven’t been tampered with during transit.


These work together to provide the groundwork for DMARC’s magic.

For more information on what SPF is and what DKIM is, check out the detailed blog posts on each.


Why Your Business Needs DMARC

DMARC isn’t just a tech buzzword—it’s a business necessity.

Here’s how it protects you and your clients:


  1. Stops Phishing Attacks: By preventing unauthorised use of your domain, DMARC drastically reduces phishing attempts on your brand.

  2. Protects Your Reputation: Keeps your domain trustworthy in the eyes of customers and partners.

  3. Improves Email Deliverability: Ensures legitimate emails reach inboxes, not spam folders.

  4. Provides Visibility: Offers reports on who’s sending emails from your domain, helping you spot any unauthorised activity.


How Does DMARC Work?


DMARC builds on SPF and DKIM to determine whether an email is legitimate.

Here’s a simplified breakdown of its process:


  1. Authentication: When an email arrives, the recipient’s server checks whether it passes SPF and DKIM.

  2. Policy Application: If the email fails these checks, the DMARC policy dictates what happens next:

     • None: Monitor and report on activity without affecting delivery.

     • Quarantine: Send suspicious emails to the spam folder.

     • Reject: Block unauthorised emails outright.

  3. Reporting: DMARC sends detailed reports, giving you insight into email activity across your domain.


This layered approach keeps fraudulent emails at bay, protecting your brand and your customers from harm.
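To make the three steps concrete, here is an added example in Python that evaluates a message against a published DMARC record. It is not code from the original post, and it goes one step beyond the simplified breakdown above: DMARC does not accept just any SPF or DKIM pass, it requires the passing identifier (the domain SPF was checked against, or the DKIM `d=` domain) to align with the domain in the visible From: header, in strict or relaxed mode as set by the record's `aspf` and `adkim` tags. The record string, domains and authentication results below are constructed, and the organisational-domain lookup is simplified to the last two labels, where real implementations consult the Public Suffix List.

```python
"""Simplified DMARC evaluation: parse the published record, check identifier
alignment, and apply the policy. Added example; all inputs are constructed."""
from dataclasses import dataclass


def parse_dmarc_record(txt):
    """Parse a DMARC TXT record like 'v=DMARC1; p=reject; adkim=s; rua=mailto:...'
    into a dict of tags, filling in the defaults for alignment mode and policy."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record: missing v=DMARC1")
    tags.setdefault("p", "none")      # policy defaults to monitoring only
    tags.setdefault("adkim", "r")     # relaxed DKIM alignment by default
    tags.setdefault("aspf", "r")      # relaxed SPF alignment by default
    return tags


def organizational_domain(domain):
    """Simplified: keep the last two labels (mail.example.com -> example.com).
    Real implementations use the Public Suffix List to handle e.g. .co.uk."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(from_domain, auth_domain, mode):
    """Identifier alignment. Strict ('s') needs an exact match; relaxed ('r')
    accepts any domain that shares the organizational domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower().rstrip(".") == auth_domain.lower().rstrip(".")
    return organizational_domain(from_domain) == organizational_domain(auth_domain)


@dataclass
class AuthResults:
    """What the receiving server knows after running SPF and DKIM."""
    from_domain: str   # domain of the RFC5322.From header shown to the user
    spf_result: str    # 'pass', 'fail', 'none', ...
    spf_domain: str    # domain SPF was evaluated against (MAIL FROM)
    dkim_result: str   # 'pass', 'fail', 'none', ...
    dkim_domain: str   # d= tag of the verified DKIM signature, or ''


def evaluate(msg, record):
    """Return (dmarc_pass, disposition). DMARC passes if at least one of SPF or
    DKIM both passed and aligns with the From domain; otherwise the published
    policy (none / quarantine / reject) decides the disposition."""
    spf_ok = msg.spf_result == "pass" and aligned(msg.from_domain, msg.spf_domain, record["aspf"])
    dkim_ok = msg.dkim_result == "pass" and aligned(msg.from_domain, msg.dkim_domain, record["adkim"])
    if spf_ok or dkim_ok:
        return True, "none"
    # The pct= and sp= tags are ignored in this simplified model.
    return False, record["p"]


if __name__ == "__main__":
    record = parse_dmarc_record("v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com")
    # Legitimate mail: SPF passes for a subdomain and relaxed alignment accepts it.
    print(evaluate(AuthResults("example.com", "pass", "mail.example.com", "fail", ""), record))
    # Spoofed From: SPF and DKIM pass only for a third party's domain, so nothing aligns.
    print(evaluate(AuthResults("example.com", "pass", "bulk-sender.test", "pass", "bulk-sender.test"), record))
```

The second case is the one that matters for phishing: a sender can have perfectly valid SPF and DKIM for its own domain, but because neither identifier aligns with the From: domain, the message fails DMARC and the domain owner's `p=reject` policy applies.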


Reporting challenges

The reports themselves can be difficult to read: they arrive in XML format and look something like the following:

[Image: example DMARC aggregate report in XML format, showing DKIM and SPF results along with the source IP and domain for each record]

I generally don’t advocate for tools, but it may be worth the investment if your mail volume is significant. The following is a visual output of the above XML, which I am sure you can agree is a little easier to read.


[Image: DMARC aggregate report for Dec 30, 2024, with a bar showing 66.67% non-compliant emails and a table listing the sending sources]
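As an added example that is not part of the original post, the following Python parses an aggregate report in the RFC 7489 XML schema and produces the per-source summary that the chart above visualises. The report embedded in the block is constructed: the two source IPs come from documentation address ranges, and the counts are chosen so that 66.67% of messages are non-compliant, the same share as in the chart. The code relies on a distinction worth knowing when reading these files by hand: the `<dkim>` and `<spf>` elements under `<policy_evaluated>` are the aligned DMARC results, while `<auth_results>` holds the raw SPF and DKIM outcomes, which is why a message can show an SPF pass for an unrelated domain and still count as non-compliant.

```python
"""Parse a DMARC aggregate (rua) report and summarise compliance per source.
Added example; the report below is constructed, not a real receiver's report."""
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed aggregate report in the RFC 7489 schema. Counts are chosen so that
# 80 of 120 messages (66.67%) fail DMARC, matching the proportion in the chart.
SAMPLE_REPORT = """<?xml version="1.0" encoding="UTF-8"?>
<feedback>
  <report_metadata>
    <org_name>receiver.example</org_name>
    <report_id>constructed-report-0001</report_id>
    <date_range><begin>1735516800</begin><end>1735603199</end></date_range>
  </report_metadata>
  <policy_published>
    <domain>example.com</domain><adkim>r</adkim><aspf>r</aspf>
    <p>quarantine</p><pct>100</pct>
  </policy_published>
  <record>
    <row>
      <source_ip>192.0.2.10</source_ip>
      <count>40</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated>
    </row>
    <identifiers><header_from>example.com</header_from></identifiers>
    <auth_results>
      <dkim><domain>example.com</domain><result>pass</result></dkim>
      <spf><domain>example.com</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <record>
    <row>
      <source_ip>198.51.100.7</source_ip>
      <count>80</count>
      <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated>
    </row>
    <identifiers><header_from>example.com</header_from></identifiers>
    <auth_results>
      <spf><domain>unrelated.test</domain><result>pass</result></spf>
    </auth_results>
  </record>
</feedback>
"""


def parse_aggregate_report(xml_text):
    """Return the published policy and one dict per <record>. The <dkim>/<spf>
    under <policy_evaluated> are the aligned DMARC results that compliance is
    judged on; <auth_results> holds the raw SPF/DKIM outcomes for context."""
    root = ET.fromstring(xml_text)
    published = root.find("policy_published")
    records = []
    for rec in root.findall("record"):
        row = rec.find("row")
        evaluated = row.find("policy_evaluated")
        records.append({
            "source_ip": row.findtext("source_ip"),
            "count": int(row.findtext("count")),
            "disposition": evaluated.findtext("disposition"),
            "dkim": evaluated.findtext("dkim"),
            "spf": evaluated.findtext("spf"),
            "header_from": rec.findtext("identifiers/header_from"),
            "spf_domain": rec.findtext("auth_results/spf/domain"),
        })
    return {"domain": published.findtext("domain"),
            "policy": published.findtext("p"),
            "records": records}


def summarize(report):
    """Aggregate message counts per sending IP and compute the share of
    messages that failed DMARC (neither aligned SPF nor aligned DKIM passed)."""
    per_source = defaultdict(lambda: {"messages": 0, "compliant": 0})
    for r in report["records"]:
        per_source[r["source_ip"]]["messages"] += r["count"]
        if r["dkim"] == "pass" or r["spf"] == "pass":
            per_source[r["source_ip"]]["compliant"] += r["count"]
    total = sum(s["messages"] for s in per_source.values())
    compliant = sum(s["compliant"] for s in per_source.values())
    non_compliant_pct = round(100.0 * (total - compliant) / total, 2) if total else 0.0
    return {"domain": report["domain"], "policy": report["policy"], "total": total,
            "compliant": compliant, "non_compliant_pct": non_compliant_pct,
            "sources": dict(per_source)}


if __name__ == "__main__":
    summary = summarize(parse_aggregate_report(SAMPLE_REPORT))
    print(f"{summary['domain']} (p={summary['policy']}): {summary['total']} messages, "
          f"{summary['non_compliant_pct']}% non-compliant")
    for ip, s in summary["sources"].items():
        print(f"  {ip}: {s['compliant']}/{s['messages']} compliant")
```

Real reports arrive as e-mail attachments, usually gzip- or zip-compressed XML, so a production pipeline decompresses them before parsing. Because they come from third parties, it is also sensible to parse them with a hardened XML parser such as defusedxml rather than the standard library module used here, and to keep the summary per source IP: a source that is legitimately yours but failing is a misconfiguration to fix, while one you do not recognise is the unauthorised activity the reports exist to reveal.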

Why DMARC Matters


Phishing isn’t just a nuisance; it’s a costly threat. Without DMARC, your business risks financial losses, reputational damage, and legal repercussions. Implementing DMARC shows your clients and partners you take security seriously—a crucial trust builder in today’s digital world.


For more insights, why not explore our other blog posts? If you have a specific question that requires personalised guidance, please do get in touch.
