This is a selection of our blog content that includes useful articles on understanding, deploying and managing DMARC, SPF, DKIM and related technologies.
When the EU passed the General Data Protection Regulation (GDPR) it triggered a worldwide examination of different types of data, including the data found in DMARC Aggregate (RUA) and Failure (RUF) reports. A legal analysis from ECO, the German Internet Industry group, breaks down all aspects of DMARC data and the concerns involved related to…
As many of you may have noticed, there have recently been some changes to the UI regarding subdomains. After talking with people about how subdomains were being used and abused across the internet, we decided to spend some time rethinking how dmarcian process, sorts and displays subdomains. These new changes allow our system to handle…
People sometimes run into the “too many DNS lookups” error when rolling out and managing SPF. It doesn’t help that there is a lot of bad guidance on the Internet. This article describes how to fix this issue.
A common problem many people face when implementing DMARC for the first time is that they are not receiving aggregate XML reports (reports generated for delivery to the rua= tag) in their dmarcian account. These XML reports are the driving force of DMARC. Without them, it’s very difficult to get an accurate picture of your domain’s…
A domain’s DMARC record can tell the world to send DMARC reports to a different domain. For example, the domain example.org might have a DMARC record of: v=DMARC1; p=none; rua=mailto:dmarc_reports@sample.net This DMARC record tells people to send reports regarding example.org to the email address of dmarc_reports@sample.net. Before reports are sent, sample.net must tell the world…
To turn DMARC into something useful to people, dmarcian processes DMARC data using a big pile of rules. These rules identify sources of email, and dmarcian presents users with DMARC compliance information based on email source. One identified source of email is called “SPF-Identified Servers”, and dmarcian users are often curious as to how data ends up in…
dmarcian maintains rules to classify DMARC data into 4 high level categories. Our categories are: DMARC Capable Non-compliant Sources Forwarders Threat/Unknown
How can you eventually move to a p=reject policy when third parties are unable to send email properly on your behalf? In many cases, a DMARC compliant SMTP relay server can be used to do the trick. In this article, we’ll explore some of the facets of sending DMARC compliant email from third parties, what…
Sending On Behalf Of Others: Sub-Domain Delegation With CNAMEs This article expands on the “CNAMEs” approach described in the larger How to send DMARC-compliant email on behalf of others article. An assumption is that the reader is sending email on behalf of others, and desires to send such email in a manner compliant with DMARC.
Sending On Behalf Of Others: Full Sub-Domain Delegation This article expands on the “full delegation” approach described in the larger How to send DMARC-compliant email on behalf of others article. An assumption is that the reader is sending email on behalf of others, and desires to send such email in a manner compliant with DMARC.
© 2020 dmarcian. dmarcian is a registered trademark of dmarcian, Inc.