What is DMARC?

It’s trivial for scammers to send emails that appear to come from your brand (a practice known as spoofing).

These spoofed emails are often used in phishing attacks, where your unsuspecting customers are tricked into revealing sensitive information such as their login or credit card details. Each time this happens it’s a negative experience associated with your brand. Spoofing and phishing attacks can even impact the deliverability of your legitimate emails, preventing your important messages from ever reaching customers. So how do you protect your brand from these attacks?

Enter DMARC, a standard that prevents spammers from using your domains to send email without your permission.

DMARC allows you to tell inbox providers to quarantine or reject emails that weren’t sent from a trusted source. This is based on whether the email passes SPF or DKIM alignment, two widely adopted email authentication standards.

Once you’ve set up a DMARC policy for your domains, inbox providers like Gmail and Yahoo will start sending us daily reports with the DMARC compliance of emails they’ve received from your domains. We process these reports for you, and display the data in a simple and intuitive interface so you can see where these emails are coming from and whether you need to take action.

Read Postmark’s detailed guide on DMARC →

A flow chart showing how DMARC compliance works.