Skip to main content



DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication, policy and reporting protocol that helps detect and prevent email spoofing. Spoofing is when the email From: address is forged so it appears to have come from your domain, but it is actually spam. This spoofed email can negatively affect the reputation of your domain and also impact legitimate email being sent by your users.

DMARC helps prevent spoofing by allowing email senders and receivers to verify their email. Receivers can supply senders with information about their authentication, while senders can tell receivers what to do when they receive a message that does not authenticate.

DMARC builds on the widely used SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) protocols to verify emails are authentic. A message that does not pass SPF or DKIM checks triggers the DMARC policy. See DMARC Policies.

See external_link.png for more information.