{"id":8160,"date":"2020-10-25T10:21:00","date_gmt":"2020-10-25T10:21:00","guid":{"rendered":"https:\/\/gtechbooster.com\/?p=8160"},"modified":"2023-07-25T10:59:55","modified_gmt":"2023-07-25T10:59:55","slug":"the-reason-for-dmarc","status":"publish","type":"post","link":"https:\/\/gtechbooster.com\/the-reason-for-dmarc\/","title":{"rendered":"The reason for DMARC"},"content":{"rendered":"\n<p>Email authentication technologies SPF and DKIM were developed over a decade ago in order to provide greater assurance on the identity of the sender of a message. Adoption of these technologies has steadily increased but the problem of fraudulent and deceptive emails has not abated. It would seem that if senders used these technologies, then email receivers would easily be able to differentiate the fraudulent messages from the ones that properly authenticated to the domain. Unfortunately, it has not worked out that way for a number of reasons.<\/p>\n\n\n\n<ul class=\"has-palette-color-5-background-color has-background wp-block-list\">\n<li>Many senders have a complex email environment with many systems sending email, often including 3rd party service providers. Ensuring that every message can be authenticated using SPF or DKIM is a complex task, particularly given that these environments are in a perpetual state of flux.<\/li>\n\n\n\n<li>If a domain owner sends a mix of messages, some of which can be authenticated and others that can\u2019t, then email receivers are forced to discern between the legitimate messages that don\u2019t authenticate and the fraudulent messages that also don\u2019t authenticate. By nature, spam algorithms are error prone and need to constantly evolve to respond to the changing tactics of spammers. The result is that some fraudulent messages will inevitably make their way to the end user\u2019s inbox.<\/li>\n\n\n\n<li>Senders get very poor feedback on their mail authentication deployments. Unless messages bounce back to the sender, there is no way to determine how many legitimate messages are being sent that can\u2019t be authenticated or even the scope of the fraudulent emails that are spoofing the sender\u2019s domain. This makes troubleshooting mail authentication issues very hard, particularly in complex mail environments.<\/li>\n\n\n\n<li>Even if a sender has buttoned down their mail authentication infrastructure and all of their legitimate messages can be authenticated, email receivers are wary to reject unauthenticated messages because they cannot be sure that there is not some stream of legitimate messages that are going unsigned.<\/li>\n<\/ul>\n\n\n\n<div class=\"gtech-migrated-from-ad-inserter-placement-2\" style=\"text-align: center;\" id=\"gtech-2026152603\"><div style=\"margin-right: auto;margin-left: auto;text-align: center;\" id=\"gtech-3921167536\"><a data-bid=\"1\" data-no-instant=\"1\" href=\"https:\/\/gtechbooster.com\/linkout\/17207\" rel=\"noopener\" class=\"notrack\" aria-label=\"26001\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/gtechbooster.com\/media\/2023\/01\/26001.jpeg\" alt=\"\"  srcset=\"https:\/\/gtechbooster.com\/media\/2023\/01\/26001.jpeg 1024w, https:\/\/gtechbooster.com\/media\/2023\/01\/26001-768x960.jpeg 768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" width=\"500\" height=\"625\"  style=\"display: inline-block;\" \/><\/a><\/div><\/div><p>The only way these problems can be addressed is when senders and receivers share information with each other. Receivers supply senders with information about their mail authentication infrastructure while senders tell receivers what to do when a message is received that does not authenticate.<\/p>\n\n\n\n<p>In 2007, PayPal pioneered this approach and worked out a system with Yahoo! Mail and later Gmail to collaborate in this fashion. The results were extremely effective, leading to a significant decrease in suspected fraudulent email purported to be from PayPal being accepted by these receivers.<\/p>\n\n\n\n<p>The goal of DMARC is to build on this system of senders and receivers collaborating to improve mail authentication practices of senders and enable receivers to reject unauthenticated messages.<\/p>\n\n\n\n<h6 class=\"wp-block-heading\">More Information \u2139<\/h6>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/dmarc.org\/overview\/\" target=\"_blank\">DMARC<\/a><\/li>\n\n\n\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.agari.com\/email-security-blog\/pros-cons-dmarc-reject-vs-quarantine\/\" target=\"_blank\">DMARC quarantine vs reject<\/a><\/li>\n<\/ul>\n<div class=\"gtech-end-cont\" id=\"gtech-3126173725\"><div style=\"margin-right: auto;margin-left: auto;text-align: center;\" id=\"gtech-2076301305\"><a data-bid=\"1\" data-no-instant=\"1\" href=\"https:\/\/gtechbooster.com\/linkout\/17207\" rel=\"noopener\" class=\"notrack\" aria-label=\"26001\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/gtechbooster.com\/media\/2023\/01\/26001.jpeg\" alt=\"\"  srcset=\"https:\/\/gtechbooster.com\/media\/2023\/01\/26001.jpeg 1024w, https:\/\/gtechbooster.com\/media\/2023\/01\/26001-768x960.jpeg 768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" width=\"500\" height=\"625\"  style=\"display: inline-block;\" \/><\/a><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Domain-based Message Authentication, Reporting &#038; Conformance, is an email authentication, policy, and reporting protocol.<\/p>\n","protected":false},"author":7,"featured_media":21588,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[1271,1270,1153,457,1272],"class_list":["post-8160","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet","tag-dkim","tag-dmarc","tag-electronic-mail","tag-network","tag-spf"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[],"version":6}},"_links":{"self":[{"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/posts\/8160","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/comments?post=8160"}],"version-history":[{"count":0,"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/posts\/8160\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/media\/21588"}],"wp:attachment":[{"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/media?parent=8160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/categories?post=8160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gtechbooster.com\/api-json\/wp\/v2\/tags?post=8160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}