In this article, you will learn about the DMARC with its importance. Here, we will also discuss DMARC record, DMARC tags, and the three policy of DMARC.
What is DMARC?
DMARC is short form of Domain-Based Message Authentication, Reporting, and Conformance. DMARC is an email validation and security protocol which is mainly designed for protecting the email domain by using the existing SPF and DKIM authentication techniques. It also adds reporting which is an important function.The main objective of DMARC is to protect your email domain from unauthorized access such as email spoofing, phishing scams, and other cyber threat activities.
This email security protocol was first established in 2012 for protecting the email abuse. It is also published as “Informational” in the RFC 7489 document of Internet Engineering Task Force in March 2015.
We can apply the DMARC in a specific domain by adding the DMARC record in the DNS settings of domain.
Another main goal of this is to protect the companies and to maintain the reputation of the company in the market. This technique rejects those messages or mails which does not follow the standards of DMARC.
Another main goal of this is to protect the companies and to maintain the reputation of the company in the market. This technique rejects those messages or mails which does not follow the standards of DMARC.
Why DMARC is important?
Here, we will discuss why DMARC is important to implement:1. DMARC report allows you to see who is sending email using your email domain across the Internet. We can also see what is included in the mail.
2. It also enables us to restrict the illegal use of our email address by the hackers or fraudsters.
3. It protects CEO, high-level executives, co-workers, and customers from the email-related fraud activities.
4. It minimizes the chances of spam, fraud, and phishing attacks.
5. It widely helps in improving the reputation of the domain name in which DMARC record is established. The DMARC record provides a quick boost in the reputation after publishing.
What is DMARC Record?
DMARC record is a TXT record which is published in DNS for storing the DMARC policies of the domain.
The DMARC record contains the policies which help in protecting the email from fraud and phishing attacks. In a DMARC record, DMARC tags are used which are separated by a semicolon (;).
What are DMARC Tags?
The tags in DMARC tells the instructions to the email server during the mail transmission. The domain owner defines the value for each tag.In a DMARC record, each tag-value pair has its unique meaning. Here, we will discuss all the tags used in the DMARC record.
Following are the various tags used in the DMARC record:
1. v: It is a first important tag which shows the protocol version of the DMARC. Its value is DMARC1.
2. p: It is the second important tag which shows the DMARC policy. Its value can be one from the following three options:
a) none,
b) quarantine, and
c) reject.
3. rua: This tag is optional but DMARC recommends to add. It specifies that URI or email address where aggregate data should be sent.
4. ruf: It is an optional tag which defines that URI or email address where forensic report should be sent. This tag is necessary to request failure reports of DMARC.
5. pct: This tag shows the percentage of email messages to which the DMARC policy is applicable. The value of pct will exist between 0 and 100 in an integer form.
6. aspf: It is also an optional tag that shows the alignment mode for SPF. Its value can be either relaxed or strict, but its default value is relaxed. Here, relaxed is indicated by r and strict is indicated by s.
7. adkim: It is also an optional tag that shows the alignment mode for DKIM. Its value can be either relaxed or strict, but its default value is relaxed, i.e., r.
8. sp: It is also an optional tag which handles or maintains the DMARC policy for the subdomains.
9. fo: This tag is optional but DMARC recommends to use it. It describes how failure reports are created and introduced to the owners of DMARC. 0, 1, d, and s are the four values of ‘fo’ tag. We assign these values to fo tag using colon.
If we have not defined the ruf tag in the DMARC record, then we will ignore this.
1. v: It is a first important tag which shows the protocol version of the DMARC. Its value is DMARC1.
2. p: It is the second important tag which shows the DMARC policy. Its value can be one from the following three options:
a) none,
b) quarantine, and
c) reject.
3. rua: This tag is optional but DMARC recommends to add. It specifies that URI or email address where aggregate data should be sent.
4. ruf: It is an optional tag which defines that URI or email address where forensic report should be sent. This tag is necessary to request failure reports of DMARC.
5. pct: This tag shows the percentage of email messages to which the DMARC policy is applicable. The value of pct will exist between 0 and 100 in an integer form.
6. aspf: It is also an optional tag that shows the alignment mode for SPF. Its value can be either relaxed or strict, but its default value is relaxed. Here, relaxed is indicated by r and strict is indicated by s.
7. adkim: It is also an optional tag that shows the alignment mode for DKIM. Its value can be either relaxed or strict, but its default value is relaxed, i.e., r.
8. sp: It is also an optional tag which handles or maintains the DMARC policy for the subdomains.
9. fo: This tag is optional but DMARC recommends to use it. It describes how failure reports are created and introduced to the owners of DMARC. 0, 1, d, and s are the four values of ‘fo’ tag. We assign these values to fo tag using colon.
If we have not defined the ruf tag in the DMARC record, then we will ignore this.
What are the DMARC Three Policies?
DMARC three policy tells the email servers what to do if an unauthorized activity is found. In the DMARC record, policy is defined by the following syntax:p = policy;
The three policies of DMARC are as follows:
1. p = none
2. p = quarantine
3. p = reject
p=none
It is the simplest policy of DMARC which only identifies the email fraud activities. It does not allow email server to perform any action again fraud. If we specified this policy in DMARC record, then the fraud email just go to the inbox of the DMARC owner.Sometimes, it is also known as monitor policy.
p=quarantine
This policy of DMARC allows the email server to send the unauthorized emails to the junk or spam folder of the DMARC owner.p=reject
This policy of DMARC allows the email server to block all the unauthorized email messages.Example of DMARC Record
The DMARC record contains at least two tags (v and p).The following block shows an example of a DMARC record:
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\;
This example uses following components or tags:
1. v: This tag/component indicates the DMARC record and also defines its version.
2. p: This tag/component indicates the DMARC policy.
3. rua: This tag/component contains the email address where aggregate report should be sent.
1. v: This tag/component indicates the DMARC record and also defines its version.
2. p: This tag/component indicates the DMARC policy.
3. rua: This tag/component contains the email address where aggregate report should be sent.