CyAlly Advisories and Publications

What is DMARC

Written by CyAlly Advisory Team | Oct 20, 2023 3:51:14 PM

DMARC is a standard email authentication method. DMARC helps mail administrators prevent hackers and other attackers from spoofing their organization and domain. Spoofing is a type of attack in which the From address of an email message is forged. A spoofed message appears to be from the impersonated organization or domain.

DMARC also lets you request reports from email servers that get messages from your organization or domain. These reports have information to help you identify possible authentication issues and malicious activity for messages sent from your domain.

Spammers can spoof your domain or organization to send fake messages that impersonate your organization. DMARC tells receiving mail servers what to do when they get a message that appears to be from your organization, but doesn’t pass authentication checks, or doesn’t meet the authentication requirements in your DMARC policy record. Messages that aren’t authenticated might be impersonating your organization, or might be sent from unauthorized servers.


DMARC is always used with these two email authentication methods or checks:

  • Sender Policy Framework (SPF) lets the domain owner authorize IP addresses that are allowed to send email for the domain. Receiving servers can verify that messages appearing to come from a specific domain are sent from servers allowed by the domain owner.
  • Domain Keys Identified Mail (DKIM) adds a digital signature to every sent message. Receiving servers use the signature to verify messages are authentic, and weren’t forged or changed during transit.