
Email Best Practices 101
This email boot camp will help you to increase the ROI of your email operations with 15 proven tactics for boosting email deliverability.
Domain-Based Message Authentication,
Reporting and Conformance
Domain-based Message Authentication, Reporting, and Conformance, or DMARC, is a technical standard that helps protect email senders and recipients from spam, spoofing, and phishing. DMARC allows an organization to publish a policy that defines its email authentication practices and provides instructions to receiving mail servers for how to enforce them. In this edition of “DMARC Explained” you’ll learn what DMARC is and how it works.
Specifically, DMARC establishes a method for a domain owner to:
DMARC itself is not itself an email authentication protocol, but it builds on key authentication standards SPF and DKIM. With them, it supplements SMTP, the basic protocol used to send email, because SMTP does not itself include any mechanisms for implementing or defining policies for email authentication.
DMARC relies on the established SPF and DKIM standards for email authentication. It also piggybacks on the well-established Domain Name System (DNS). In general terms, the process of DMARC validation works like this:
A DMARC record is included in an organization’s DNS database. An DMARC record is a specially-formatted version of a standard DNS TXT record with a particular name, namely “_dmarc.mydomain.com” (note the leading underscore). A DMARC record looks something like this: _dmarc.mydomain.com. IN TXT “v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100”
Reading left-to-right in plain English, this record says:
Additional configuration options are available for a domain owner to use in its DMARC policy record as well, but these are the basics.
“Domain alignment” is a concept in DMARC that expands the domain validation intrinsic to SPF and DKIM. DMARC domain alignment matches a message’s “from” domain with information relevant to these other standards:
The alignment can be relaxed (matching base domains, but allowing different subdomains) or strict (precisely matching the entire domain). This choice is specified in the published DMARC policy of the sending domain.
The DMARC specification provides three choices for domain owners to use to specify their preferred treatment of mail that fails DMARC validation checks. These “p= policies” are:
Remember that the domain owner can only request, not force, enforcement of its DMARC record; it’s up to the inbound mail server to decide whether or not to honor the requested policy.
DMARC reports are generated by inbound mail servers as part of the DMARC validation process. There are two formats of DMARC reports:
DKIM, SPF, and DMARC are all standards that enable different aspects of email authentication. They address complementary issues.
If you are a business sending commercial or transactional email, you definitely need to implement one or more forms of email authentication to verify that an email is actually from you or your business. Properly configuring DMARC helps receiving mail servers determine how to evaluate messages that claim to be from your domain, and it is one of the most important steps you can take to improve your deliverability. However, standards like DMARC only go so far; SparkPost and other email experts recommend implementing a DMARC email authentication policy in context of a complete messaging strategy.
Yes. SparkPost implements and adheres to email authentication standards, including DMARC. In fact, all email we deliver for our users includes a default DMARC policy that can be customized to your needs. You will need to publish the DMARC record for your sending domain with your DNS provider.
Learn more about DMARC with these resources from SparkPost’s email experts and elsewhere on the web.
Develop your email industry expertise and master best practices with SparkPost’s email resources.
This email boot camp will help you to increase the ROI of your email operations with 15 proven tactics for boosting email deliverability.
Learn how third-party data shows the deliverability difference between SparkPost and also-ran cloud service providers yields hard, bottom-line benefits.
This practical course is a great way to get started understanding email deliverability and how to measure email performance.
Try SparkPost and see how we deliver far more value than the competition.