What is DMARC? DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication system that protects your organization’s domains from spoofing, phishing and other cyber attacks. It builds on the widely deployed email verification techniques, SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail).
SPF (Sender Policy Framework) is an email validation technique that allows you to publish a record on the DNS (Domain Name System) specifying the email servers that are allowed to send emails on your behalf.
After learning the basics of what is DMARC, we come to the 2 authentication standards that it builds on. DKIM (Domain Key Identified Mail) leverages the Public Key Infrastructure (PKI) cryptography scheme to validate an email. The system sending your email signs it with your domain’s Private key and the system receiving your email validates it by looking up and using the Public Key(s) you’ve published on the DNS.
Let’s talk about what is DMARC protecting you against. DMARC, along with Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) work together to secure your inbox from malicious outsiders. SPF creates a record of all the IP addresses that are safe to receive emails from and rejects emails that don’t belong in the list.
Moving on from what is DMARC, SMTP MTA-STS (Mail Transfer Agent Strict Transport Security) is an email security mechanism that notifies senders of your ability to receive emails over TLS secure SMTP connections. It also advises senders on whether or not to deliver the email if a TLS secure SMTP connection cannot be established.
Unlike SPF/DKIM and DMARC, MTA-STS policies are published on an HTTPS server that needs to be set up and maintained. Therefore, we offer Hosted MTA-STS services that can take care of that for you using a few clicks.
When combined with MTA-STS, TLS reporting provides you with information on email transported over TLS. The information conveyed within these reports is broken down and displayed in a human-friendly manner on your PowerDMARC dashboard, providing you valuable insights on your email security.
BIMI (Brand Indicators for Message Identification) is a new email verification method that allows you to publish a DNS txt record containing information on your brand logo. This allows your logo to be displayed in supported inboxes and provides an authentication mechanism where receivers can compare the logo accompanying your email to that published in your DNS record.
Ready to prevent brand abuse, scams and gain full insight on your email channel?
