NIST recommends DMARC

Did you know that NIST recommends DMARC for a safer email experience? Email is the most common method of communication. It is used for work, personal, and hobby purposes. Email security is essential because it allows you to communicate with your customers and business partners without worrying about the safety of your communication. With email phishing attacks, you can easily get tricked into sending sensitive information to a fake email address that merely impersonates the real deal.

If you don’t secure your emails, anyone can spoof your domain and use the information in your messages to steal from you or take advantage of your good intentions.

Recognizing the impending peril, and susceptibility of domain owners to email threats and vulnerabilities, The National Institute of Standards and Technology (NIST) in their NIST Special Publication 800-177 has encouraged SPF, DKIM, and DMARC deployment for maintaining trustworthy SMTP email communications. 

Why does NIST recommend DMARC Deployment?

NIST recommends DMARC deployment for Truthworthy Email

In their special publication titled Trustworthy Email, the National Institute of Standards and Technology highlights the purpose of authenticating the sending domain. It is to ensure that the sender is legitimate and the receiver can trust them. If a recipient were to send a message to someone who isn’t authenticated, it could be seen as spam or an attempt at fraud.

It’s a security measure that makes sure that an email you’re receiving isn’t fake. It’s also important because if you have a phishing scam or other kind of fraudulent email incoming in your inbox, authenticating the sending domain can help your computer recognize the message as a scam and block it from being delivered to your inbox.


NIST highlights the following use cases in which the deployment of email authentication protocols (aka DMARC, SPF, and DKIM) can come in handy: 

  • A DMARC policy helps specify email receiving servers how to handle unauthorized emails by aligning domain identifiers (SPF and/or DKIM) 
  • SPF maintains a list of IP addresses that are authorized to send emails on behalf of a domain to ensure unauthenticated third parties are restricted
  • DKIM mitigates email interception and alteration in transit by affixing unique digital signatures to the email body 

According to the NIST, DMARC deployment is crucial to increasing the security of email communications. The organization says that DMARC helps combat email spoofing by providing a mechanism for delivering messages only from authorized senders.

As an extension of this recommendation, an organization can also implement DMARC reporting to monitor authentication results and troubleshoot security incidents. 

How can we help?

PowerDMARC is on a mission to promote trustworthy email through easy and effective DMARC deployment, enforcement, and monitoring on a user-friendly SaaS platform. Our full-stack email authentication services target email security threats to provide an authenticated email experience. Get in touch with an expert today by signing up for a free DMARC trial!