DMARC - Domain-based Message Authentication, Reporting and Conformance

Domain-based Message Authentication, Reporting and Conformance, or DMARC for short, is a method of email authentication and a way to mitigate email abuse. Built on two existing mechanisms, the well-known Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), it coordinates their results on the alignment of the domain in the From: header field, which is often visible to end users.

DMARC is designed to fit into an organization's existing inbound email authentication process. It works by helping email receivers determine whether the purported message aligns with what the receiver knows about the sender. If not, DMARC includes guidance on how to handle the "non-aligned" messages. What should be emphasized here is that DMARC doesn't directly address whether or not an email is spam or otherwise fraudulent. Instead, it requires that a message not only pass DKIM or SPF validation, but also pass alignment. For SPF, the message must PASS the SPF check, and the domain in the From: header must match the domain used to validate SPF. For DKIM, the message must be validly signed and the d= domain of the valid signature must align with the domain in the From: header. In both cases it must exactly match for strict alignment, or must be a sub-domain for relaxed alignment. Under DMARC a message can fail even if it passes SPF or DKIM but fails alignment.

Quite obviously, DMARC removes guesswork from the receiver's handling of these failed messages, limiting or eliminating the user's exposure to potentially fraudulent and harmful messages, and at the same time provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation.

DMARC policies are published in the public Domain Name System (DNS) as text (TXT) resource records (RR) and announce what an email receiver should do with non-aligned mail it receives.

The concept behind DMARC is based on practical experience during loose collaborations between some of the founding senders and receivers who agreed on how to interpret mail coming from domains supporting DKIM and SPF. Impressively, after just one year, in 2013, DMARC was estimated to protect 60% of the world's mailboxes. ◊

By MediaBUZZ
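The alignment check and policy lookup described in this article can be sketched as a receiver-side evaluation. This is an added example, not code from the article: it takes the SPF and DKIM results as already computed, and the domains and the policy record are constructed. Assumptions: relaxed alignment is implemented as sharing the same organizational domain (which covers the sub-domain case), approximated here by the last two labels instead of the Public Suffix List, and a missing `p` tag is treated as `none`.

```python
# Added example (not from the article). Sample domains and record are constructed.
POLICY = "v=DMARC1; p=reject; aspf=s; adkim=r"   # TXT at _dmarc.example.com

def org_domain(domain):
    # Assumption: last two labels; real receivers use the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def parse_policy(txt):
    """Split a DMARC TXT record into its tag=value pairs."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags

def aligned(from_domain, auth_domain, mode):
    """mode 's' = strict (exact match), 'r' = relaxed (same organizational domain)."""
    a, b = from_domain.lower().rstrip("."), auth_domain.lower().rstrip(".")
    return a == b if mode == "s" else org_domain(a) == org_domain(b)

def evaluate(policy_txt, from_domain, spf_result, spf_domain, dkim_sigs):
    """Return (dmarc_result, requested_action). dkim_sigs: [(result, d= domain)]."""
    tags = parse_policy(policy_txt)
    spf_ok = spf_result == "pass" and aligned(
        from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = any(result == "pass" and aligned(from_domain, d, tags.get("adkim", "r"))
                  for result, d in dkim_sigs)
    if spf_ok or dkim_ok:
        return "pass", None
    return "fail", tags.get("p", "none")   # p: none | quarantine | reject

if __name__ == "__main__":
    # SPF and DKIM both pass, but for an unrelated domain: DMARC fails.
    print(evaluate(POLICY, "example.com", "pass", "bounce.mailer.example",
                   [("pass", "mailer.example")]))
    # Strict SPF fails alignment, relaxed DKIM on a sub-domain aligns: DMARC passes.
    print(evaluate(POLICY, "example.com", "pass", "mail.example.com",
                   [("pass", "news.example.com")]))
```

The first call shows the case the article highlights: both underlying checks pass, yet the message fails DMARC because neither authenticated domain aligns with the From: domain.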

