0Pricing
Cyber Security Academy · Lesson

DMARC Policy and Reporting

Enforcing alignment and reading reports.

What DMARC Adds

DMARC (Domain-based Message Authentication, Reporting and Conformance) ties SPF and DKIM together and fixes their biggest blind spot.

SPF and DKIM each authenticate a domain, but not necessarily the visible From header the user sees. DMARC requires that authentication aligns with the From domain, and it tells receivers what to do when a message fails, plus it sends you reports.

The Concept of Alignment

Alignment is the heart of DMARC. A message passes DMARC only if it passes SPF or DKIM and that authenticated domain matches the visible From domain.

  • SPF alignment — the envelope MAIL FROM domain matches the From domain
  • DKIM alignment — the DKIM d= domain matches the From domain

This is what stops an attacker who passes SPF for their own domain while displaying your domain in From.

All lessons in this course

  1. How Email Spoofing Works
  2. SPF Records
  3. DKIM Signing
  4. DMARC Policy and Reporting
← Back to Cyber Security Academy