DMARC

Domain - based Message Authentication, Reporting and Conformance, DMARC short, is a specification that was developed to reduce abuse of e -mails. They tried to fix some long-standing shortcomings in the context of authentication problems when e -mailing. It was submitted to the IETF for standardization.

Overview

DMARC builds on known techniques SPF ( Sender Policy Framework) and DKIM ( DomainKeys Identified Mail ), by defining how the recipient of e- mails performs authentication. While the aforementioned techniques describe who is allowed to send a mail (SPF ) and that this mail comes unchanged in a certain way by the sender ( DKIM ) the sender may, in addition after the DMARC specification on what kind of receiver with a mail bypasses, which does not meet the requirements in either or both cases. If the recipient of an e -mail applies the DMARC specification, thus a consistent verification of the authenticity of this e -mail is secured.

Contents of an entry

DMARC uses this, as well as SPF and DKIM, the TXT Records of the Domain Name System ( DNS). There, in addition to the SPF and DKIM records another RR entry is created with, for example, the following structure:

V=DMARC1;p=quarantine;pct=100;rua=mailto:[email protected];ruf=mailto:[email protected];adkim=s;aspf=r abbreviation importance v protocol version pct Percentage of messages to be filtered reputation Forensic analysis is being distributed to: rua Aggregated report will be sent to: p What is the procedure with mails from the main domain? sp What is the procedure to mail the subdomain? adkim Balance mode for DKIM aspf Balance mode for SPF Of particular importance are the calibration modes. For SPF calls for the specification, first, that the review is positive and, secondly, the From: header of the mail the same domain has, as in the SPF record stored. For DKIM is required that the signature is valid and in addition referred to therein domain is the same as in the From: header of the mail. As calibration modes are s = 'strict' or r = provided ' relaxed '. In 'strict' must exactly match the domains in ' relaxed ' may the From: header also contains a subdomain. By evaluating the sender receives a daily report to the address.

The policy ( here abbreviated as 'p ' or ' sp ' for subdomains ) finally determines how the receiver should handle the mail if the check fails. Intended modes for this are 'none ', ' quarantine ' and ' reject '. 'none' ( also referred to as monitor mode) is typically used for testing and the receiver makes no provision for the procedure. ' quarantine ' requires the marking the messages as spam, ' reject ' calls to reject the mail.

The DMARC specification was created, among other things, on the initiative of Google, Yahoo, Microsoft, Facebook, AOL, PayPal and LinkedIn.