Domain-based Message Authentication, Reporting & Performance (DMARC) is an email authentication protocol that is used together with SPF and DKIM to defend against email spoofing. Email spoofing, or domain spoofing, happens when an attacker uses your domain in the "from" field of an email to make the message appear to be sent by someone from your organization. DMARC helps a mail server check whether an inbound message is legitimate, and lets the server know what to do with the message if it fails SPF or DKIM authentication.

DMARC Policy | Mimecast

Q: What is a DMARC policy?

A DMARC policy tells receiving email servers what to do with an email that fails a DMARC check . A DMARC policy can specify that the receiver reject, quarantine or do nothing with the email. Rejected emails will bounce and not end up in any folders within the receiving email server. Quarantined emails will be sent to a special folder like a junk/spam folder. Emails for which the DMARC policy is to do nothing will be sent along to the recipient. In all cases, the domain owner receives reports about which messages are authenticating and which are not, enabling the organization to begin analyzing who is sending emails on its behalf.

Q: What is a DMARC record check?

When deploying DMARC, it's necessary to have a valid DMARC record. A DMARC record check is a tool that tests a DMARC record to see whether it's valid. Mimecast offers a free DMARC record check tool that will parse your DMARC record and display the results. Mimecast also offers SPF and DKIM record checks .

Defend against domain spoofing with a DMARC policy

As the number of impersonation and spoofing attacks continues to rise, many organizations are turning to DMARC policy and protocols to stop these malware-less attacks.

In a spoofing attack, a cybercriminal sends an email that appears to come from someone in your company in an attempt to trick the recipient into transferring money, revealing credentials or sharing sensitive information. Spoofed emails may target your own employees and customers as well as suppliers and partners.

Domain-based Message Authentication, Reporting & Conformance, or DMARC, is a protocol for authenticating email that can put an end to spoofing attacks. DMARC builds on the SPF and DKIM authentication protocols that are currently widely used. By establishing a DMARC policy, organizations can let receiving email servers know how to validate messages from their domain and what to do with email that fails to authenticate.

While DMARC can provide a critical layer of protection against spoofing attacks, implementing the DMARC protocol and establishing DMARC policy can be costly and complex, and managing and analyzing DMARC reporting on an ongoing basis can be time-consuming. It's no wonder, then, that so many organizations adopting DMARC policy turn to Mimecast for help in implementing and managing the DMARC protocol.

Defend against domain spoofing with a DMARC policy

Mimecast DMARC Analyzer

Mimecast DMARC analyzer acts as an expert guide, helping to speed and simplify implementation of DMARC policy. With DMARC analyzer, you can move toward a DMARC test protocol and reject policy as fast as possible. This cloud-based solution empowers you to easily manage complex DMARC deployment, providing faster insight into who is sending email on your behalf and determining which email is legitimate and which is not.

Mimecast DMARC analyzer enables you to:

Simplify DMARC deployment with a step-by-step approach and self-service tools.
Get 360° visibility and governance across all email channels with an easy-to-use service.
Configure alerts, reports and charts that enable you to enforce DMARC policy sooner and monitor ongoing performance.

A simpler way to establish DMARC policy

To simplify deployment of DMARC protocols and establishment of DMARC policy, Mimecast DMARC Analyzer provides a 100% SaaS-based solution that reduces the time and complexity of enforcing DMARC authentication. DMARC analyzer includes:

Management of unlimited users, domains and domain groups to easily achieve full coverage.
Forensic reports that streamline the task of tracking down malicious email sources.
Easy-to-digest aggregate reports and charts for faster analysis and DMARC policy enforcement.
Fast and easy updates to DNS records with a setup wizard for DMARC records.
Options for DMARC Office 365 configuration.
The ability to track progress over time by reviewing summary daily and weekly reports.
Two-factor authentication to enhance security.
Proactive email prompts that are issued when a DNS record changes.
A managed service option that delivers deployment and project management expertise proven to help reduce risk and enforcing DMARC policy in the shortest time possible.

Mimecast Impersonation Protect and other email security solutions

Mimecast DMARC analyzer can be combined with Mimecast Impersonation Protect and other Mimecast email security solutions to deploy comprehensive defenses against email and domain spoofing.

Mimecast Impersonation Protect scans all inbound email looking for key indicators that a message may be trying to impersonate a trusted sender. Impersonation Protect provides:

Real-time scanning of all inbound emails to detect header anomalies, domain similarity, sender spoofing, suspect email body content and recently registered domains that may be part of a spoofing attack.
Protection against external domain similarity to prevent attackers from exploiting relationships with trusted third parties and well-known Internet brands.
Inspection across multiple international character sets to spot potential domain similarity.
Centralized policy management that streamlines management and reporting.
Options for handling suspicious email that include blocking, quarantining or allowing the email to go to the recipient with a warning.
A Custom Targeted Threat Dictionary managed by Mimecast that identifies key terms frequently used by attackers.

Additional Mimecast email security solutions include a secure email gateway and defenses against malicious URLs and attachments and attacks that are launched or spread through internal emails.

Mimecast Impersonation Protect and other email security solutions

FAQs: What is a DMARC policy?

What is DMARC?

DMARC – or Domain-based Message Authentication, Reporting and Conformance – is a protocol for email authentication, policy and reporting. Designed to help prevent email impersonation, DMARC allows senders to let recipients know that messages are protected by Sender Policy Framework (SPF) and DomainKeys Identified Message (DKIM) protocols and provides instructions for how to handle messages that don't pass either of these authentication methods.

What is a DMARC check?

DMARC enables receiving mail servers to check for alignment between the domain names in the "header from" and the "envelope from" information in an email using SPF authentication, and between the "header from" domain name and the "d= domain name" in the DKIM signature. If a message fails both SPF and DKIM authentication and alignment, a receiving mail server can perform a DMARC check of the sender's DMARC policy to determine whether the email message should be accepted, blocked or quarantined.

What is a DMARC record check?

In order to implement DMARC, organizations need a valid DMARC record. A DMARC record check is a tool that displays an organization's DMARC record while testing and verifying it to determine whether it's valid. Mimecast offers a free DMARC record check service that will test and parse a DMARC record and display it along with additional information.

DMARC Policy

Mimecast offers support to help adopt the DMARC policy in order to easily implement and manage the DMARC protocol.