ZW3B

Prevent spoofing and phishing with DMARC

DMARC is a technical specification created by a group of organizations that want to help reduce the misuse of emails, such as spam, phishing, by providing a solution for deploying and monitoring problems related to their authentication.

This technology has been standardized by the Internet Engineering Task Force (IETF) in the RFC 7489.

DMARC standardizes how recipients (in the sense of recipient MTAs) perform email authentication using the Sender Policy Framework and DomainKeys Identified Mail mechanisms. This means that the sender (in the sense of a sending MTA) will receive the results of the authentication of its messages by any recipient that implements DMARC.

Domain-based Message Authentication, Reporting, and Conformance

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a standard email authentication method. DMARC allows email administrators to prevent hackers from impersonating their organization and domain. Spoofing is a type of attack in which the address in the From field of an email is spoofed. A spoofing message appears to come from the spoofed organization or domain.

DMARC also lets you request reports from mail servers that receive mail from your organization or domain. These reports contain information to help you identify possible authentication issues and malicious activity related to messages sent from your domain.

DMARC prevents spoofing and phishing

Spammers can spoof your domain or organization to send fraudulent messages that impersonate your organization. DMARC tells mail servers what action to take when they receive a message that appears to come from your organization, but does not pass authentication checks or does not meet the authentication criteria of your DMARC rule record. Messages that aren't authenticated can impersonate your organization or be sent from unauthorized servers.

DMARC is always used with the following two authentication methods or controls:

• The Sender Policy Framework (SPF) protocol allows the domain owner to authorize IP addresses to send email for the domain. Receiving servers can verify that messages from a specific domain are sent from servers authorized by the domain owner.
• DKIM (Domain Keys Identified Mail) adds a digital signature to every message sent. Receiving servers use this signature to verify that messages are authentic and have not been tampered with or altered during sending.

Information DMARC:

• DMARC Official Website
  • Articles, Tutorials and Videos
  • Deployment Tools
• DMARC: Implementation Guidelines for mail domain protection (ITSP.40.065 v1.1) from Canadian Center for CyberSecurity.

• Google : About DMARC

• Seznam N€poveda: DMARC info