Using Domain-based Message Authentication, Reporting and Conformance (DMARC) in your organisation
Updated 15 March 2021
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email standard that:
- confirms the sender's identity using Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM)
- tells the recipient's email service what to do with emails that fail the check
- asks recipient email services to provide reports of where email comes from
The receiving email service uses SPF and DKIM to confirm the sender's identity. If the receiving email service confirms the sender's identity it will forward the email to the receiver's inbox. If the receiving email service cannot confirm the sender's identity it will mark the email as spam.
Benefits of DMARC
By using DMARC, you can:
- help protect your users, employees and reputation from cybercrime
- reduce customer support costs relating to email fraud
- improve trust in the emails your organisation sends
- see the legitimate and fraudulent use of your domains via DMARC reports
Setting up DMARC
Publish a text (TXT) record in your DNS like this one:
v=DMARC1; p=quarantine; pct=100; rua=mailto:[email protected]
This tells anyone receiving email from you that:
- you have a DMARC policy (v=DMARC1)
- any messages that fail DMARC checks should be treated as spam (p=quarantine)
- they should treat 100% of your messages this way (pct=100)
- they should send reports of email received back to you (rua=mailto:[email protected])
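As an added example, not part of this guidance, the following Python parses a DMARC TXT record of the form shown above, checks the tags before you publish the record, and shows how a receiver turns the p and pct values into an action for a message that fails the check. The sample record and the example.org reporting address are constructed for the example; pct behaviour follows RFC 7489.

```python
import re

# Constructed sample record for this example; the page's own record has a redacted
# reporting address, so a placeholder domain stands in for it here.
EXAMPLE_RECORD = "v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc-reports@example.org"

POLICIES = ("none", "quarantine", "reject")
# For mail outside the pct sample, RFC 7489 has the receiver apply the next
# less strict policy instead of ignoring the record entirely.
RELAXED = {"reject": "quarantine", "quarantine": "none", "none": "none"}


def parse_dmarc(txt):
    """Split a DMARC TXT record into tags and validate the ones this page uses."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or not re.fullmatch(r"v\s*=\s*DMARC1", parts[0]):
        raise ValueError("record must start with v=DMARC1")
    tags = {}
    for part in parts:
        if "=" not in part:
            raise ValueError("malformed tag: %r" % part)
        name, value = part.split("=", 1)
        tags[name.strip().lower()] = value.strip()
    if tags.get("p") not in POLICIES:
        raise ValueError("p must be one of none, quarantine, reject")
    pct = int(tags.get("pct", "100"))  # pct defaults to 100 when omitted
    if not 0 <= pct <= 100:
        raise ValueError("pct must be 0-100")
    rua = [a.strip() for a in tags.get("rua", "").split(",") if a.strip()]
    if any(not a.startswith("mailto:") for a in rua):
        raise ValueError("rua entries must be mailto: URIs")
    return {"p": tags["p"], "pct": pct, "rua": rua}


def is_valid_record(txt):
    """True if the record parses cleanly; a cheap check before publishing it."""
    try:
        parse_dmarc(txt)
        return True
    except ValueError:
        return False


def disposition(record, spf_aligned, dkim_aligned, sample):
    """Receiver's action for one message: 'pass' if SPF or DKIM passed and aligned
    with the From: domain, else the policy; sample is an int 1-100 standing in for
    the receiver's random pct draw."""
    if spf_aligned or dkim_aligned:
        return "pass"
    if sample <= record["pct"]:
        return record["p"]
    return RELAXED[record["p"]]
```

A record with pct=20 and p=reject therefore rejects only a fifth of failing mail and quarantines the rest, which is why organisations ramp pct up gradually while watching the rua reports.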
Further email security guidance
All public sector organisations must follow guidance on how to set up email services securely.
. You can also read this and implementation guides for cloud-based email services like G Suite and Office 365.
Google uses .
is a related standard that supports email authentication in indirect email flow.