Email spoofing, much like all online scams, is on the rise. Spoofing is a form of phishing attack that deceives a user into believing an email came from a...
IT Security
What is DMARC?
What is DMARC and does your business need it?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. And it is a procedure that uses SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) in order to determine the authenticity of an email message.
DMARC uses a technical specification to determine email authenticity by aligning SPF and DKIM methods. With DMARC in place, it allows businesses and domain owners to combat spoofing, phishing and email compromise.
-
Sender Policy Framework (SPF)
An SPF is an email authentication protocol that allows you to publish a DNS record of domains or IP addresses that you use to send email. When an email is received, the record is checked and it treats emails from anywhere else as spam.
-
DomainKeys Identified Mail (DKIM)
DKIM is a cryptographic authentication protocol that enables organisations and businesses to take responsibility for messages they send by signing them off in a manner that mailbox providers can verify.
Why does your business need DMARC?
There are several reasons why your business would benefit greatly from DMARC.
DMARC enables email senders to handle any emails that were not authenticated and those that don’t pass the SPF or DKIM status check. For those emails, there are two options: sending them to the junk folder, or have them blocked.
When one of these options are chosen, it allows the ISPs (Internet Service Providers) to better identify spammers, helping prevent malicious emails from consuming inboxes, as well as providing a better authentication reporting service.
DMARC has three policies in place for handling unauthorised use of your email domain within your DMARC record:
- p=none
This monitors the email traffic but no further actions are taken - p=quarantine
This sends any unauthorised emails into the spam folder - p=reject
This is ultimately the final goal when implementing DMARC; it ensures that any unauthorised email doesn’t get delivered at all
How does DMARC work?
DMARC works by checking whether an email passes SPF and DKIM (or both), in a process that is known as ‘DMARC alignment’ or identifier alignment. This status check provides a check entry that informs the email domain’s policy. The DMARC record tells email servers to send XML file reports back to the reporting email address that has been supplied. The detailed reports provide insight into how an email moves through the system, allowing businesses and individuals to identify everything that is using their email domain.
To deploy DMARC email authentication, a DMARC record will need to be published in the DNS.
Why use DMARC for email?
Without DMARC email authenticator, it can prove difficult to determine whether an email is real or fake. And with email being involved in “more than 90% of all network attacks”, it is vital businesses have a tool that aids them in deciphering the deceitful from the authentic.
The number one benefit to using DMARC is that it allows domain owners to protect their email domains from unauthorised use; it is leading the way in the fight against phishing, spoofing, CEO fraud and business email compromise.
What are the benefits of using DMARC?
The main benefit for using DMARC is that it enables domain owners greater brand reliability as well as visibility and insight into on how their domains are being used. Enabling them to see who and what is sending emails using their email domain.
With strong security controls deployed against fraudulent email, DMARC protects people from spam, fraud and phishing; therefore, it’s a great tool at disallowing unauthorised use of your email domain.
Businesses can disallow unauthorised use of their email domain, which in turn also helps the email community to establish a consistent and up to date policy for handling emails that fail to authenticate. This strengthens the email system, creating more security and trust.
By publishing DMARC records, it better protects your brand, preventing unauthenticated parties from sending emails via your domain. Often, this implementation can result in a positive reputation increase for your brand or business.
- Security
- Visibility
- Delivery
- Identity
- Reputation
Protect your email channel, contact Bluecube
Looking for help with your email security? We have a specialist IT security team that can help secure your IT systems and better secure your network, give us a call today on 0845 257 8010, alternatively, you can fill out our online enquiry form, and we’ll be in touch as soon as possible.
Latest


Microsoft Server 2012 R2 and 2016 end-of-life...
Many of us trust Microsoft servers for critical...

Bluecube Academy - The journey so far
It has been 17 months since the launch of Bluecube’s...

Cyber Essentials and Cyber Essentials Plus:...
Bluecube is Cyber Essentials Plus certified, meaning...

How the cyber skills gap affects not-for-profits...

How the cyber skills gap affects not-for-profits...

What Are The Pros and Cons of Managed IT...
Businesses turn to managed services to monitor their...

Meet ICT Apprentice: Michael Reynolds
Michael joined Bluecube Academy as an ICT Apprentice...

How To Keep Your Business Secure When Remote...
To ensure that a business is secure, workers should be...