This is a selection of our blog content that includes useful articles on understanding, deploying and managing DMARC, SPF, DKIM and related technologies.
People sometimes run into the “too many DNS lookups” error when rolling out and managing SPF. It doesn’t help that there is a lot of bad guidance on the Internet. This article describes how to fix this issue.
A common problem many people face when implementing DMARC for the first time is that they are not receiving aggregate XML reports (reports generated for delivery to the rua= tag) in their dmarcian account. These XML reports are the driving force of DMARC. Without them, it’s very difficult to get an accurate picture of your domain’s…
A domain’s DMARC record can tell the world to send DMARC reports to a different domain. For example, the domain example.org might have a DMARC record of: v=DMARC1; p=none; rua=mailto:dmarc_reports@sample.net This DMARC record tells people to send reports regarding example.org to the email address of dmarc_reports@sample.net. Before reports are sent, sample.net must tell the world…
To turn DMARC into something useful to people, dmarcian processes DMARC data using a big pile of rules. These rules identify sources of email, and dmarcian presents users with DMARC compliance information based on email source. One identified source of email is called “SPF-Identified Servers”, and dmarcian users are often curious as to how data ends up in…
dmarcian maintains rules to classify DMARC data into 4 high level categories. Our categories are: DMARC Capable Non-compliant Sources Forwarders Threat/Unknown
How can you eventually move to a p=reject policy when third parties are unable to send email properly on your behalf? In many cases, a DMARC compliant SMTP relay server can be used to do the trick. In this article, we’ll explore some of the facets of sending DMARC compliant email from third parties, what…
CNAME-based delegation is when a domain owner creates several CNAMEs that point back to your own domain. In contrast with full sub-domain delegation, individual services are delegated by each CNAME.
Part of the Sending On Behalf Of Others (SOBOO) Series This article expands on the “full delegation” approach described in the larger How to send DMARC-compliant email on behalf of others article. An assumption is that the reader is sending email on behalf of others, and desires to send such email in a manner compliant…
The phrase No Auth, No Entry is being used to communicate what will soon be required to get email delivered into Gmail.
Domain owners can publish policies that will be applied to email that is not compliant with DMARC: p=none is used to collect feedback and gain visibility into email streams without impacting existing flows. It’s a crucial first step. p=quarantine allows email receivers to treat email that fails the DMARC check as suspicious and files them…
Part of the Sending On Behalf Of Others (SOBOO) Series Sending other people’s email in a DMARC compliant manner can be accomplished in a number of different ways. This article is intended for Email Service Providers (ESPs) and any business that sends email using their own customer’s domains (examples: CRMs, talent management companies, billing systems, etc).
People often configure their DMARC records and use the “RUF” tag to ask for Forensic/Failure reports. However, they’re often slow to arrive. If you just added the RUF tag to your DMARC record, be aware that it might take up to 24 hours for your change to be picked up by the larger Internet. If…
If you’re at a large organization looking to deploy DMARC, view the video on dmarcian’s deployment process. It’s worth your time! Here’s a checklist you can use to get DMARC into place:
We’ve put together a short technical overview of DMARC: This video is part of a larger video series on all things DMARC. The transcript follows:
We’ve put together a short overview video on SMTP: This video is part of a larger video series on all things DMARC. The transcript follows:
We’ve put together a short video on DMARC’s ROI: This video is part of a larger video series on all things DMARC. The transcript follows:
We’ve put together a short video on our own DMARC deployment process: This video is part of a larger video series on all things DMARC. The transcript follows:
We’ve put together a short overview video about DKIM: This video is part of a larger video series on all things DMARC.
We’ve put together a short overview video about SPF: This video is part of a larger video series on all things DMARC.
© 2021 dmarcian. dmarcian is a registered trademark of dmarcian, Inc.