SPF, DKIM og DMARC

DMARC ensures that an email comes from the correct email server, and that it is not manipulated along the way. DMARC makes it hard for hackers to misuse your email domain; for instance, to send fake emails from your email address to trick your users into thinking that the email comes from you. This is like a postal worker checking your identity every time you send a letter. (( DMARC indicates whether your domain is being misused and whether your emails are arriving at their destination without problems.)) (( DMARC builds on the DKIM and SPF security standards, which are important additions to your email hotel.)) The more domains that enable DMARC, the greater the benefit to the entire internet community: This means cleaner inboxes for everyone, with fewer fake emails and phishing attempts..

Why?

• "Why you should be doing DMARC" from GOV.uk
• "Why is DMARC important?" from DMARC.org

Adoption statistics

• "Who Is Using DMARC?"

Further information

• How-to on DMARC, DKIM and SPF by Dutch Internet Standards Platform
• FAQ on DMARC.org
• "A tip for mailing list operators to interoperate with DMARC to avoid failures\"
• "How we moved microsoft.com to a p=quarantine DMARC record"
• "How to send DMARC compliant email on behalf of others"
• DMARC report tooling: DMARC Analyzer, dmarcian, MailReport, URIports.com, tools on DMARC.org, tools on Github
• Research report "Designing an open source DMARC aggregation tool"
• DMARC.org, OpenSPF.org and DKIM Core

Specifications

• RFC 7489: Domain-based Message Authentication, Reporting, and Conformance (DMARC)
• RFC 6376: DomainKeys Identified Mail (DKIM) Signatures
• RFC 7208: Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1"