Cyber security

What is DMARC?

12 August 2022

Email spoofing, much like all online scams, is on the rise. Spoofing is a form of phishing attack that deceives a user into believing an email came from a trustworthy person or business. It is achieved by the sender disguising the ‘From’ address and using a name or business that the receiver will recognise.

When the ‘From’ address is disguised, the email can easily slip through email security and end up in an individual’s inbox. The main way to protect against this type of email attack is to use email authentication solutions such as DMARC.


What is DMARC and does your business need it?

DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It is a procedure that uses SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to determine the authenticity of an email message.

DMARC uses a technical specification to determine email authenticity by aligning SPF and DKIM methods. With DMARC in place, businesses and domain owners can combat spoofing, phishing and email compromise.

  • Sender Policy Framework (SPF)

SPF is an email authentication protocol that allows you to publish a DNS record listing the domains or IP addresses that you use to send email. When an email is received, the receiving server checks the record and treats emails from anywhere else as spam.

  • DomainKeys Identified Mail (DKIM)

DKIM is a cryptographic authentication protocol that enables organisations and businesses to take responsibility for messages they send by signing them in a manner that mailbox providers can verify.

Why does your business need DMARC?

There are several reasons why your business would benefit greatly from DMARC.

DMARC enables email senders to decide how emails that were not authenticated, and those that don’t pass the SPF or DKIM status check, are handled. For those emails, there are two options: sending them to the junk folder, or having them blocked.

When one of these options is chosen, it allows ISPs (Internet Service Providers) to better identify spammers, helping prevent malicious emails from consuming inboxes, as well as providing a better authentication reporting service.

DMARC has three policies in place for handling unauthorised use of your email domain within your DMARC record:

  • p=none
    This monitors the email traffic but no further actions are taken

  • p=quarantine
    This sends any unauthorised emails into the spam folder

  • p=reject
    This is ultimately the final goal when implementing DMARC; it ensures that any unauthorised email doesn’t get delivered at all

How does DMARC work?

DMARC works by checking whether an email passes SPF or DKIM (or both), in a process that is known as ‘DMARC alignment’ or identifier alignment. The result of this status check informs how the email domain’s policy is applied. The DMARC record also tells email servers to send XML reports back to the reporting email address that has been supplied. The detailed reports provide insight into how an email moves through the system, allowing businesses and individuals to identify everything that is using their email domain.

To deploy DMARC email authentication, a DMARC record will need to be published in the DNS.
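The following added example (not part of the original article) parses a published DMARC record and applies its p= policy to one message's SPF and DKIM results. The function names, the sample record and the simplified alignment rule are assumptions made for illustration.

```python
# Added example; names and sample values are constructed for illustration.

def parse_dmarc(txt):
    """Parse a DMARC TXT record into a dict of tag -> value."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    tags["p"] = tags.get("p", "").lower()
    if tags["p"] not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p= policy")
    return tags

def aligned(auth_domain, from_domain):
    """Simplified relaxed alignment (assumption): the authenticated domain
    equals the From domain or is a subdomain of it. Real receivers compare
    organisational domains using the Public Suffix List."""
    a = auth_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    return bool(a) and (a == f or a.endswith("." + f))

def disposition(record, from_domain, spf, dkim):
    """spf and dkim are (result, authenticated_domain) tuples.
    DMARC passes if either one passed for an aligned domain."""
    if any(res == "pass" and aligned(dom, from_domain) for res, dom in (spf, dkim)):
        return "deliver"
    return {"none": "deliver, report only",
            "quarantine": "spam folder",
            "reject": "reject"}[record["p"]]

# Constructed record, as it would be published at _dmarc.example.com
RECORD = "v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@example.com"

if __name__ == "__main__":
    rec = parse_dmarc(RECORD)
    # Legitimate mail: DKIM signed by the From domain.
    print(disposition(rec, "example.com", ("fail", "example.com"), ("pass", "example.com")))
    # Spoofed From: SPF passes, but only for the sender's own domain.
    print(disposition(rec, "example.com", ("pass", "mailer.example.net"), ("none", "")))
```

The second call shows why alignment matters: an SPF pass for an unrelated domain does not authenticate the ‘From’ address, so the quarantine policy applies.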

Why use DMARC for email?

Without DMARC email authentication, it can prove difficult to determine whether an email is real or fake. And with email being involved in “more than 90% of all network attacks”, it is vital that businesses have a tool that aids them in deciphering the deceitful from the authentic.

The number one benefit to using DMARC is that it allows domain owners to protect their email domains from unauthorised use; it is leading the way in the fight against phishing, spoofing, CEO fraud and business email compromise.

What are the benefits of using DMARC?

The main benefit of using DMARC is that it gives domain owners greater brand reliability as well as visibility and insight into how their domains are being used, enabling them to see who and what is sending emails using their email domain.
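The visibility described above comes from the XML aggregate reports that receivers send back. The following added example (not part of the original article) totals message counts per sending IP address and separates sources that passed DMARC from those that failed; the report content is constructed and uses documentation IP ranges.

```python
# Added example; the report below is constructed sample data.
import xml.etree.ElementTree as ET
from collections import Counter

REPORT = """<feedback>
  <policy_published><domain>example.com</domain><p>none</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
    <policy_evaluated><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>15</count>
    <policy_evaluated><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.55</source_ip><count>42</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.55</source_ip><count>3</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""

def summarise(xml_text):
    """Return (passing, failing) Counters of message counts per source IP.

    Reports arrive from third parties, so a production pipeline should use
    a hardened XML parser (for example the defusedxml package) instead of
    the standard-library parser used here to stay self-contained."""
    passing, failing = Counter(), Counter()
    for row in ET.fromstring(xml_text).iter("row"):
        ip = row.findtext("source_ip")
        count = int(row.findtext("count"))
        results = (row.findtext("policy_evaluated/dkim"),
                   row.findtext("policy_evaluated/spf"))
        # DMARC passes when at least one aligned mechanism passed.
        bucket = passing if "pass" in results else failing
        bucket[ip] += count
    return passing, failing

def unauthorised_sources(xml_text):
    """Failing source IPs, highest message volume first."""
    return summarise(xml_text)[1].most_common()

if __name__ == "__main__":
    for ip, count in unauthorised_sources(REPORT):
        print(f"{ip}: {count} messages failed DMARC")
```

Sources in the failing list are either spoofing attempts or legitimate services that have not yet been added to SPF or given a DKIM key, which is what the p=none monitoring stage is used to find out.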

With strong security controls deployed against fraudulent email, DMARC protects people from spam, fraud and phishing; therefore, it’s a great tool for disallowing unauthorised use of your email domain.

Businesses can disallow unauthorised use of their email domain, which in turn also helps the email community to establish a consistent and up-to-date policy for handling emails that fail to authenticate. This strengthens the email system, creating more security and trust.

Publishing DMARC records better protects your brand by preventing unauthenticated parties from sending emails via your domain. Often, this implementation can result in a positive reputation increase for your brand or business.

  • Security
  • Visibility
  • Delivery
  • Identity
  • Reputation

Protect your email channel, contact Bluecube

Looking for help with your email security? We have a specialist IT security team that can help secure your IT systems and better secure your network. Give us a call today on 0845 257 8010. Alternatively, you can fill out our online enquiry form, and we’ll be in touch as soon as possible.