Skip to main content
The Biggest Email Receivers in the Game Recommend DMARC as a Best Practice

The Biggest Email Receivers in the Game Recommend DMARC as a Best Practice

Ecosystem NewsEmail Security Insights

UPDATE: Google and Yahoo continue to recognize the necessity and power of DMARC to fight email fraud and are now requiring it for bulk senders. You can read more about it here.


It’s no secret that email delivers the highest ROI of any other marketing medium, producing $44 for every $1 spent, says Campaign Monitor. According to McKinsey, when it comes to customer acquisition, email is 40x more effective than social media. It is also the most targeted medium for cybersecurity attacks with over 90% of attacks starting with a phishing email.

To help protect against phishing attacks, prominent mailbox providers like Gmail and Yahoo have helped bring DMARC (Domain Based Message Authentication Reporting and Conformance) to the mainstream by removing any doubt that this domain-based control serves as a basic means of improving deliverability, visibility and control over who and what can send mail on your domains.

Both marketers and B2B senders who’ve subscribed to any of the other best practices (SPF, DKIM, opt-in permissions, etc.) listed on Gmail’s or Yahoo’s postmaster pages may want to take another visit to read plainly that DMARC is on their short list of must-haves.

Gmail and Yahoo do a fine job in spelling out their preferences for DMARC, the benefits that can be realized, as well as some basic adoption techniques. One important omission to those techniques, however, is that XML, the format in which the DMARC reports are sent, is difficult for humans to read, especially if multiple reports are involved.

The most successful rollouts of DMARC are those that leverage visualization tools to help email senders make sense of the data; and dmarcian’s XML to Human converter is a low barrier to entry place to start.

DMARC is a free and open technical specification that describes how to make email easy to identify. Email senders are given precise directions on how to configure their email. Email receivers use DMARC to verify that email comes from the Internet domain from which it claims to come. Since it’s arrival in 2012, DMARC has quickly become the industry standard for preventing phishing and spoofing attempts—the number one attack trajectory for nefarious third parties—and dmarcian, founded by a co-author of the DMARC specification, has been helping organizations of all sizes and in a variety of industries reach their DMARC compliance goals.

Want to continue the conversation? Head over to the dmarcian Forum.