Why DMARC?

Post Date:4/25/2017

People and companies around the world suffer from the high volume of spam and phishing on the Internet. Over the years several methods have been introduced to try and identify when mail from (for example) myrealcompany.com really is, or really isn’t coming from myrealcompany.com. However:

These mechanisms all work separately and isolated from each other
Each receiver makes own decisions about evaluation of the results
The legitimate domain owner (e.g – myrealcompany) never gets any feedback
Enter DMARC.

DMARC addresses the above short falls by providing coordinated, tested methods for:

Domain owners to:
Signal that they are using email authentication (SPF, DKIM)
Provide an email address to gather feedback about messages using their domain –wether legitimate or not
A policy(report, quarantine, reject) to apply to messages that fail authentication
Email receivers to:
Be sure that a given sending domain is using email authentication
Consistently evaluate SPF and DKIM along with what the end user sees in their inbox
Determine the domain owner’s preference (report, quarantine or reject) for messages that do not pass authentication checks
Provide the domain owner with feedback about messages using their domain
DMARC is best implemented slowly (have u heard of a tree that has grown in a day 😛 ?)

A domain owner who has deployed email authentication will begin using DMARC in “monitor mode” to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they will change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly “quarantined”, they will move to a “reject” policy.

ที่มา:http://blog.secureitlab.com/why-dmarc/


Back