Back to Blog

Understanding DMARC

By Jay Singh
July 21, 2017

By Jay Singh

Understanding the basics of how DMARC works can sometimes be a challenge with the sea of complicated resources a simple search can uncover. The reality, however, is that DMARC is not as complicated as you might think and understanding the basics of how it works is fairly simple.

DMARC builds upon two existing technologies, SPF and DKIM, that help authenticate email in different ways. SPF verifies if an email is sent from a valid IP address, and DKIM verifies if an email is sent from a valid source by using encryption in the header of an email. The problem with only using SPF and DKIM is that they do not enforce a policy, so it does not really add any protection to your domain. This is where DMARC comes in. DMARC uses the authentication that SPF and DKIM provide to enforce a policy. This means that only emails that pass SPF or DKIM authentication will pass DMARC validation and reach your recipient’s inbox. For unauthorized emails, DMARC will deal with them based on the DMARC policy you set. Here are the policies and what each means for unauthorised emails:

  1. p=none This means no policy is set, so all emails will still be able to reach receiver regardless of if they are authorised emails or not.
  2. p=quarantine This means that emails that fail DMARC validation will be sent to the junk/spam folder.
  3. p=reject This is the most powerful policy, and it results in all unauthorised emails being completely blocked.

Like SPF and DKIM, DMARC has been widely adopted by most major email receivers. This means that you will not only get reports back, but the DMARC policy you set will be upheld by them.

We at OnDMARC have created a video that explains what I have been describing with the help of some visuals and animation. We hope that the video gives you a better understanding of how DMARC works and where SPF and DKIM fit into the picture. You can watch the video below.

The author, Jay Singh, is with Marketing and Partnerships at Red Sift, a Global Cyber Alliance partner. You can follow him on Twitter @jaydsingh11.

Editor’s Note: The views expressed by the author are not necessarily those of the Global Cyber Alliance.

Back to Blog
Use a Tool Donate Partner with Us

New York  |  London  |  Brussels

New York  |  London  |  Brussels

The Global Cyber Alliance is a nonprofit organization dedicated to making the Internet a safer place by reducing cyber risk. We build programs, tools, and partnerships to sustain a trustworthy Internet to enable social and economic progress for all. GCA is a 501(c)(3) in the U.S. and a nonprofit in the U.K. and Belgium.

[email protected]     |     +1.646.677.5535

Cyber Essentials Full Color Logo and Mark
IASME Consortium Self-Certified Logo
Online Trust Alliance Honor Roll Certification Logo

Global Cyber Alliance is a 501(c)(3) Nonprofit Organization

Copyright 2024 Global Cyber Alliance | Sitemap