Alt-N Discussion Groups > Discussions > DMARC - What advantage?

 [F] Alt-N Discussion Groups  / Discussions  /

DMARC - What advantage?

[R, Ian]
Ian R
Posts: 19
Ian R - 03:26am, Aug 28 2014

Just a casual query, but wondered what the advantages of DMARC are.

From dmarc.org, "A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM"

-Which would seem to be redundant since that can be done in domain settings anyway.

IME, SPF and DKIM never work all that well anyway. Especially as if you set strict adherence you're going to have a lot of forwarded messages rejected.

  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

Dave Warren - Aug 28, 2014 1:12 pm (#1 Total: 1)  


Photo of Author
Dave Warren
Posts: 79
DMARC has a few advantages, actually.

1) It brings together the strengths of SPF and DKIM, allowing for either mechanism to authenticate mail. SPF is trivially simple to implement, but as you observed, doesn't survive forwarding. DKIM is more complicated to implement, but it survives forwarding and provides message body verification.

2) If reporting is enabled, it gives you reporting of possible problems.

3) If you set a reject policy, it enforces this reject policy on *other* servers, not your server -- You can't otherwise control what other servers accept.

SPF doesn't survive traditional alias style forwarding, but DKIM passes through forwarding just fine. DMARC will allow you to write a policy that will allow mail to be accepted if it passes either.

With all of that being said, unless you're a large company or are seeing your domain forged regularly, it probably isn't worth setting a DMARC reject policy, but you might want to consider setting up a DMARC reporting policy so that yo can find out how often your domain is forged, and decide if action needs to be taken.

  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items


Read New | Search


Email to Admin

You are visiting as a Guest user.