What is a DMARC Policy


DMARC Policy refers to the set of instructions or policy guidelines communicated to email service providers regarding how to treat an email that fails the DMARC verification check.

To understand what a DMARC policy is in detail, let's first look at what DMARC is and how it is deployed.

Understanding DMARC and DMARC Record

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. Its purpose is to let businesses protect their domain against hacking attacks, phishing scams and similar abuse. Without such a protocol, a domain's email can be misappropriated by attackers, who may use it for illegal activities including identity theft, data theft, black-market sales and other fraud.

DMARC works together with SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to provide email verification. DMARC is deployed through a DMARC policy, which is stored in the DMARC record. The DMARC record is published in the DNS and tells email service providers that the business domain is configured to use DMARC.

DMARC Policy

Based on the organization's risk tolerance, the domain owner instructs email service providers to apply one of the following three policies to email sent from the business domain that fails the DMARC authentication test.

None or monitor policy: Email is delivered as is, without any action, or with a warning

Quarantine policy: Email is sent to the spam or junk folder for manual vetting

Reject policy: Email is rejected and is not delivered to any folder

Applying DMARC Policy

One recommended way to apply the DMARC policy is to set a percentage of failing messages to which the chosen policy applies. Alternatively, the business can initially set a monitor or quarantine policy to assess the nature of emails sent from the business's domain, or divert them to the quarantine folder (spam/junk).

As a last resort, the business can set up the reject policy to reject all non-verified emails. However, to ensure that authentic emails are not rejected, the business can set up a safelist.
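The three policies and the percentage roll-out described above, as an added example (not code from the original article): a small parser for a DMARC TXT record and a function that works out what a receiving server does with one message. The sample records are constructed for illustration; the tag names v, p, sp and pct are the standard ones from RFC 7489, and the "next weaker policy" rule for messages outside the pct sample is the behaviour that RFC defines.

```python
# Constructed sample DMARC records (not real domains), one per policy level.
SAMPLE_RECORDS = {
    "monitor":    "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.invalid",
    "quarantine": "v=DMARC1; p=quarantine; pct=25; sp=reject; rua=mailto:dmarc-reports@example.invalid",
    "reject":     "v=DMARC1; p=reject",
}

VALID_POLICIES = ("none", "quarantine", "reject")


def parse_dmarc_record(txt: str) -> dict:
    """Parse a DMARC TXT record into a tag dict. Raises ValueError if the
    string is not a usable DMARC record (wrong v tag, bad p/sp/pct)."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record (missing or wrong v tag)")
    for key in ("p", "sp"):           # sp (subdomain policy) is optional
        if key in tags and tags[key] not in VALID_POLICIES:
            raise ValueError(f"invalid {key} tag: {tags[key]!r}")
    if "p" not in tags:
        raise ValueError("missing p tag")
    pct = int(tags.get("pct", "100"))  # pct defaults to 100 (apply to all)
    if not 0 <= pct <= 100:
        raise ValueError("pct must be between 0 and 100")
    tags["pct"] = pct
    return tags


def disposition(tags: dict, dmarc_passed: bool, sample_roll: int = 0,
                subdomain: bool = False) -> str:
    """What a receiver does with one message: 'deliver', 'quarantine' or 'reject'.
    sample_roll is the receiver's random draw in 0..99; the policy applies only
    when sample_roll < pct, otherwise the next weaker policy is used
    (reject -> quarantine, quarantine -> none)."""
    if dmarc_passed:
        return "deliver"
    policy = tags.get("sp", tags["p"]) if subdomain else tags["p"]
    if sample_roll >= tags["pct"]:
        policy = {"reject": "quarantine", "quarantine": "none"}[policy] if policy != "none" else "none"
    return {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy]
```

With pct=25 only about a quarter of failing messages receive the full policy, which is what lets a domain owner move from monitor to quarantine to reject gradually while watching the aggregate reports.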