DNS-Based Defense: DMARC

Explore how DMARC works as a DNS-based email authentication tool built on SPF and DKIM. Understand its policies for handling suspicious emails and how it helps collect reports on email validation failures. This lesson shows how DMARC aids in troubleshooting and identifying forged emails, improving your domain’s email security.

Introduction

DMARC, or Domain-based Message Authentication, Reporting, and Conformance, is another DNS-based email tool. It’s built on top of SPF and DKIM and has two main uses. First, it can help troubleshoot complex SPF and/or DKIM rules. Second, it can be used to collect forged emails for later analysis. Let’s take a look at the DMARC record in use for punkgrok.org. We do this by querying the TXT DNS records for _dmarc.punkgrok.org, as follows:

Shell
dig _dmarc.punkgrok.org txt

The output should be similar to the following:

; <<>> DiG 9.8.3-P1 <<>> _dmarc.punkgrok.org txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16424
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_dmarc.punkgrok.org.           IN      TXT
;; ANSWER
...
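
The TXT data returned by such a query is a semicolon-separated list of tag=value pairs. The following is an added example, not part of the original lesson: it parses a record and lists the settings a defender would review. The sample record is constructed (it uses example.com and is not the real punkgrok.org record), and the function names are hypothetical.

```python
# Added example: parse and audit a DMARC TXT record (RFC 7489 tag=value syntax).
# SAMPLE_TXT is constructed for illustration; it is not punkgrok.org's record.
VALID_POLICIES = {"none", "quarantine", "reject"}
SAMPLE_TXT = '"v=DMARC1; p=none; pct=50; rua=mailto:dmarc-reports@example.com"'

def parse_dmarc(txt):
    """Return a dict of DMARC tags; raise ValueError if the record is malformed."""
    # dig prints long TXT data as several quoted chunks; rejoin them first.
    txt = txt.strip().replace('" "', "").strip('"')
    tags = {}
    for item in txt.split(";"):
        if not item.strip():
            continue  # tolerate a trailing semicolon
        name, sep, value = item.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {item.strip()!r}")
        tags[name.strip().lower()] = value.strip()
    # v=DMARC1 must be the first tag, otherwise this is some other TXT record.
    if next(iter(tags), None) != "v" or tags["v"] != "DMARC1":
        raise ValueError("not a DMARC record: v=DMARC1 must be the first tag")
    return tags

def audit_dmarc(tags):
    """Return a list of findings worth fixing, empty if none."""
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        findings.append("p= missing or invalid: record is ignored or treated as p=none")
    elif policy == "none":
        findings.append("p=none: monitoring only, no action requested on failing mail")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) > 100:
        findings.append("pct= must be an integer from 0 to 100")
    elif int(pct) < 100:
        findings.append(f"pct={pct}: policy applies to only part of failing mail")
    rua = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    if not rua:
        findings.append("no rua=: aggregate failure reports are not collected")
    elif any(not u.lower().startswith("mailto:") for u in rua):
        findings.append("rua= has a non-mailto URI; receivers need only support mailto:")
    return findings

if __name__ == "__main__":
    for finding in audit_dmarc(parse_dmarc(SAMPLE_TXT)):
        print("-", finding)
```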