Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email-validation system designed to detect and prevent spam and phishing. With the growth of the internet and the World Wide Web, spammers and phishers increasingly attack users’ accounts and steal passwords, bank accounts, and credit cards. Phishing emails are sent on behalf of a well-known company or brand, and such emails are easy to forge, which is why phishers use mailings for fraudulent purposes. Email providers are forced to check whether emails come from real companies or from fake ones and to decide whether to deliver them, because such messages might harm users. DMARC helps email senders and receivers work together to better secure emails, protecting users and brands from painfully costly abuse.
How does DMARC work?
A DMARC policy allows a sender to indicate that their messages are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes (such as junk or reject the message). DMARC removes the guesswork from the receiver’s handling of these failed messages, limiting or eliminating the user’s exposure to potentially fraudulent and harmful messages. DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation.
DMARC builds on two existing authentication methods: Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It allows the administrative owner of a domain to publish a policy stating which mechanism (DKIM, SPF, or both) is employed when sending email from that domain and how the receiver should deal with failures.
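The receiver-side decision described above, as an added example that is not part of the original page: it parses a published DMARC record and picks a disposition for one message. The tag names (v, p, rua) come from RFC 7489 rather than this page; the record, domain and report address are constructed, and the SPF/DKIM results are assumed to have been computed already for the domain in the From header.

```python
# Added example: parse a DMARC TXT record and choose a disposition.
# The record and report address below are constructed samples.

VALID_POLICIES = {"none", "quarantine", "reject"}


def parse_dmarc(txt):
    """Parse a DMARC TXT record into a dict of tag -> value.

    Raises ValueError if the record is not a usable DMARC policy
    (this example is strict and applies no fallback policy).
    """
    tags, order = {}, []
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        name = name.strip().lower()
        tags.setdefault(name, value.strip())  # first occurrence wins
        order.append(name)
    # v=DMARC1 must be the first tag; other TXT records (e.g. SPF) fail here.
    if not order or order[0] != "v" or tags["v"] != "DMARC1":
        raise ValueError("not a DMARC record (v=DMARC1 must come first)")
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        raise ValueError(f"missing or unknown policy p={policy!r}")
    tags["p"] = policy
    return tags


def disposition(record, spf_pass, dkim_pass):
    """Return what the receiver does with one message under this policy."""
    if spf_pass or dkim_pass:
        return "deliver"  # one passing mechanism is enough for DMARC
    # Neither mechanism passed: follow the domain owner's published policy.
    return {"none": "deliver", "quarantine": "junk", "reject": "reject"}[record["p"]]


SAMPLE = "v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@example.com;"

if __name__ == "__main__":
    rec = parse_dmarc(SAMPLE)
    print(rec["p"], disposition(rec, spf_pass=False, dkim_pass=False))
```

With p=none the message is still delivered when both checks fail; the domain owner only learns about the failure through the reports sent to the rua address.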
Read the DMARC official site for more detailed information.