Why is DMARC so important these days?


Maybe you’ve been noticing some chatter about this new DMARC acronym. Or perhaps you’ve been receiving some complaints by somebody not receiving your emails.

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance.

That’s because of the usual SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) is not enough anymore. Things change.

Most ESP (Email Service Providers) implement more strict identification and authentication protocols to make their inboxes safer. It’s another step to stop not only SPAM but also phishing attempts.

Why another sender authentication protocol like DMARC

DMARC will create a layer of authentication of the email sender to the recipient. It’s like a confirmation to the recipient ESP that it’s not spam or a phishing attack. The primary purpose of DMARC is to avoid the lousy use of spoofed emails claiming to be from your domain name. We’re talking about the “from” address of the emails you’re sending.

The sender publishes a DMARC policy into their DNS (Domain Name System) to demonstrate the original email provenience. Not only that, but it also states in the DMARC policy how the receiver mail server should handle the email if something happens outside of these rules.

The process is quite simple. When an ESP receives an email, it checks the DMARC policy against the domain name in the “from” sender information. After that, it also inspects the DKIM and SPF of that message. If there’s no match between the DMARC policy and the DKIM and SPF information, the message is blocked and sent to wherever the DMARC policy defines it. Reject or quarantine.

DMARC technical snapshot

A DMARC DNS record is very similar to this example:

v=DMARC1;p=reject;pct=100;rua=mailto:[email protected]

If you tear it apart, this is the breakdown:

  • V – Version of the DMARC protocol
  • Pct – Percentage of messages that are subject to filtering
  • Rua – Where to send aggregate reports
  • P – The preferred response to the DMARC policy. It could be p=reject or p=quarantine.

Your mail servers, which are receiving these reports (both forensic and statistical ones), should be using this information to know how to get better and make sure that your emails are delivered.

Why is DMARC so crucial, after all?

Imagine that you don’t activate this authentication procedure and stay the same. You’ll keep doing your emailing as you always did. However, time and time again, you’ll be receiving error messages or people complaining that the email you said you just sent never arrives.

So, like in any other platform or channel, you should accommodate its own rules. If the Email Service Providers have implemented DMARC as their new email authenticity filter to make their inboxes safer, then you should make sure that you’re compliant with this feature.

And it’s worth it. Believe us. The email has been around for as long as communication through the internet. It is not going away any time soon.

Our team is here to support you

Let's face it; we can't do everything ourselves. Sometimes we need to ask for support from field experts.