What is DMARC
By detecting sender spoofing, Domain-based Message Authentication, Reporting and Conformance (DMARC) helps block phishing efforts that use this spoofing method to penetrate an organization's defenses. DMARC simplifies how email receivers conduct SPF and DKIM email authentication, as well as the steps that should be taken if authentication is unsuccessful. Organizations can publish a DMARC policy that defines whether or not their emails are protected by SPF, DKIM, or both. If neither of these authentication methods works, the DMARC policy directs the recipient on what to do.
Why is DMARC important?
Email, as you know, is very easy to spoof. Criminals love it because phishing emails that appear to come from senders you trust, especially well-known brands, are easy to use as bait.
Simply putting a well-known brand's logo into an email makes it look more legitimate, increasing the chances of someone clicking on something they shouldn't. In most cases, an end-user may be unable to tell the difference between a genuine and a fraudulent message, leaving mailbox providers to make difficult decisions about which messages are genuine and which are not.
DMARC helps solve these challenges by helping email senders and recipients collaborate to better secure email and protect users and organizations from abuse.
How Does DMARC Work?
Within its DMARC policy, the sender specifies how its email is authenticated and what the receiving mail server should do if an email violates that policy.
A receiving mail server examines the DMARC policy for the domain in the "header from" section when a message arrives. The DKIM signature and SPF of a message are then checked. To pass DMARC, the message must pass both DKIM and SPF and at least one of the two must align (DKIM or SPF).
What does it mean to "align"? For SPF to align, the email's return address ("envelope from") and "from" domain must match. For DKIM to align, the email's DKIM d=domain and "from" domain must match.
If the message fails DMARC, the policy will advise the receiving server on what to do with it. It may advise the server to move the message to a separate folder (such as the spam folder) or to reject it completely.
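The alignment check and failure policy described above, as an added example that is not part of the original article. It goes beyond the exact-match case in the text by also handling DMARC's relaxed mode (the default for the `aspf` and `adkim` tags), which compares organizational domains; the sample record, the domains and the tiny public-suffix set are constructed for illustration.

```python
# Added illustration; not code from the original article.
# Constructed stand-in for the Public Suffix List (assumption: a real
# receiver loads the full list to find organizational domains).
PUBLIC_SUFFIXES = {"com", "org", "net", "co.uk"}

# Constructed sample of a TXT record published at _dmarc.example.com.
SAMPLE_RECORD = "v=DMARC1; p=quarantine; adkim=s; aspf=r"


def parse_dmarc_record(txt):
    """Parse a DMARC TXT record into a dict of lowercase tag -> value."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def org_domain(domain):
    """Return the public suffix plus one label (the organizational domain)."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # fallback when the suffix is not in the set


def is_aligned(header_from, auth_domain, mode):
    """Strict ('s') needs an exact match; relaxed ('r') compares org domains."""
    a, b = header_from.lower().rstrip("."), auth_domain.lower().rstrip(".")
    if mode == "s":
        return a == b
    return org_domain(a) == org_domain(b)


def check_alignment(record_txt, header_from, envelope_from, dkim_d):
    """Report SPF/DKIM alignment and the policy requested on DMARC failure."""
    tags = parse_dmarc_record(record_txt)
    return {
        "spf_aligned": is_aligned(header_from, envelope_from, tags.get("aspf", "r")),
        "dkim_aligned": is_aligned(header_from, dkim_d, tags.get("adkim", "r")),
        # p is none, quarantine or reject; this sketch treats a missing p as none
        "on_fail": tags.get("p", "none"),
    }
```

With `SAMPLE_RECORD`, a message with header from `example.com`, envelope from `bounce.example.com` and DKIM `d=mail.example.com` aligns on SPF (relaxed) but not on DKIM (strict).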
Enabling spoofed sender detection with DMARC
You can enable DMARC for some or all of your domains. You cannot exclude specific senders from DMARC authentication, except by adding them to your Approved Senders list. You cannot enable DMARC for individual groups or users; you can only enable it at the domain level.
1. Click Services > Email Services > Anti-Spam > Detection Settings.
2. Select Global Settings or select a domain from the drop-down list.
3. In the Spoofed Sender Detection section, check the Use DMARC check box.