DMARC – Usage and limitation

Post Date: 4/25/2017

DMARC is a great solution for preventing direct domain spoofing. When an email is sent by an unauthorized sender (whether it is sent by a malicious user, or even an unauthorized user of a department of the company that owns/operates the domain), DMARC can be used to detect the unauthorized activity and (if so configured) request that those messages be blocked or discarded when they are received.

If the owners/operators of website.com use DMARC to protect that domain, it has no effect on website.net unless website.net is also protected by its own DMARC policy.

Although impersonating a given domain is a common method used for phishing and other malicious activities, there are other attack vectors that DMARC does not address.

DMARC does not address cousin domain attacks (i.e. sending from a domain that looks like the target being abused – e.g. website.com vs. websit3.com), or display name abuse where the “From” field is altered to look as if it comes from the target being abused.
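Because DMARC leaves these two cases to the receiver, a mail filter has to check for them separately. The following is an added example, not part of the original post: a small From-header classifier whose function names, digit-substitution table and edit-distance threshold of 1 are assumptions chosen for illustration.

```python
from email.utils import parseaddr

PROTECTED = "website.com"  # example domain from the text
# Assumed digit-for-letter swaps (0->o, 1->l, 3->e, 4->a, 5->s, 7->t).
LOOKALIKE = str.maketrans("013457", "oleast")

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_from(from_header, protected=PROTECTED):
    """Classify a From header relative to the protected domain."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain == protected or domain.endswith("." + protected):
        # Subdomains fall back to the parent domain's DMARC policy.
        return "dmarc-covered"
    # Compare names with the TLD removed and digit swaps undone, so that
    # websit3.com and website.net both count as lookalikes of website.com.
    name = domain.rpartition(".")[0].translate(LOOKALIKE)
    pname = protected.rpartition(".")[0].translate(LOOKALIKE)
    if name == pname or edit_distance(name, pname) <= 1:
        return "cousin-domain"
    # Display name mentions the protected name, but the address is elsewhere.
    if pname in display.lower():
        return "display-name-abuse"
    return "unrelated"

# Constructed sample headers, not taken from real mail.
SAMPLES = [
    "Billing <billing@website.com>",
    "Billing <billing@websit3.com>",
    "Billing <billing@website.net>",
    '"website.com Support" <helpdesk@example.org>',
    "Alice <alice@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_from(header):20} {header}")
```

Only the first sample is subject to website.com's DMARC policy; the next three pass or fail DMARC purely on the sending domain's own records, which is why they need a separate check like this one.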

Source: http://blog.secureitlab.com/dmarc-what-can-it-do-and-not-do-as-yet/

