DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
Questions tagged [dmarc]
57 questions
37
votes
2 answers
How did this paypal spoof email pass SPF, DKIM and DMARC
This mail that got through has me stumped. It appeared to me as being from PayPal in my Inbox. I happened to look at the original and it says SPF, DKIM and DMARC all passed.
If I'm reading this right, 74.112.67.243…
ianw
- 401
- 1
- 2
- 6
8
votes
1 answer
Enforcing DMARC policy (reject) on an Office 365 tenant
The domain & tenant has SPF and DKIM properly configured and DMARC policy set to p=reject. Still, emails spoofed with the domain in the From header aren't rejected, but appear in the Junk Email folder on Office 365. People do check their Junk Email…
Esa Jokinen
- 16,100
- 5
- 50
- 55
8
votes
2 answers
How did a phishing email pass SPF, DKIM and DMARC?
A friend received a spoofed email (from Bank of America using an uber.com address) which was correctly identified as 'spam' by Gmail. However, looking at the raw message it seems to have passed SPF, DKIM and DMARC checks.
1) How did a spam email…
Islay
- 593
- 1
- 4
- 9
6
votes
1 answer
Can DMARC's SPF alignment be spoofed?
IP addresses can be spoofed. The Envelope-From and Header-From addresses can be spoofed as well. But is it possible to spoof all three at the same time to send a forged email that passes both SPF and SPF alignment in DMARC?
If it is possible,…
hilltothesouth
- 417
- 4
- 9
5
votes
1 answer
Why set up DMARC for SPF if it's already set up for DKIM?
I have SPF and DKIM. I'm planning on adding DMARC to tell receivers to expect SPF and/or DKIM. I've read that it's best to set DMARC up with both SPF and DKIM, but I don't understand exactly when having it for both would be better than having it…
Qaz
- 185
- 6
4
votes
2 answers
How to fix DMARC alignment failure
I'm sending emails via the Ionos mail servers.
I've got spf set up, but dmarc still fails.
This seems related to: Why is DMARC failing when SPF and DKIM are passing?
But I can't figure out how to fix it.
My dns records:
TXT @ "v=spf1…
danielmoessner
- 43
- 5
4
votes
3 answers
Why is DMARC failing when SPF and DKIM are passing?
I've seen this question asked before, but unfortunately, don't understand the responses. I think its something to do with "from" headers being defined differently by different standards. I've added all the domains in the "from" to SPF records, but…
Dedicated Managers
- 141
- 1
- 2
4
votes
1 answer
DMARC "policy_evaluated" is "fail" for SPF, even when SPF domain alignment is "relaxed"?
A DMARC aggregate report which I received reads (irrelevant pieces removed, domains changed):
none
pass
fail
…
Konstantin Shemyak
- 639
- 5
- 12
3
votes
2 answers
What is the point of having SPF and DKIM set up, but having DMARC with policy=none?
Under this FAQ it says that using policy=none is a way for domain owners to monitor forged emails, without having to set up SPF/DKIM. But what im wondering, because i dont fully understand what SPF/DKIM itself does, is: What is the point of having…
Flying Thunder
- 267
- 1
- 2
- 6
3
votes
1 answer
Does gmail still ignore DKIM if SPF passes, DMARC style?
This blog post from 2016 shockingly implies that gmail will accept an email if either SPF or DKIM passes. We use G suite SMTP servers, therefore SPF provides almost zero protection from spoofing. Is this still the case?
Since DMARC only needs one…
Morrison
- 33
- 3
3
votes
2 answers
What is the reason for DMARC spec to not require specifically SPF or DKIM pass?
DMARC produces "pass" result if and only if at least one of SPF and DKIM checks pass. It has been noted that DKIM provides stronger protection of the two (if implemented properly). But, in order to require namely DKIM passing by a DMARC policy, one…
Konstantin Shemyak
- 639
- 5
- 12
3
votes
1 answer
Bypassing OpenDMARC checks by forging Authentication-Results
In order to have mail exchanger MX servers to be able to deliver mail to the primary MX, both SPF and DMARC checks needs to be bypassed when the connection is made from a secondary MX. For SPF this is quite straightforward: if the secondary MX…
Esa Jokinen
- 16,100
- 5
- 50
- 55
3
votes
0 answers
How to set header.from?
A client recently received an email that was spoofed in a way that I'd never seen before. The following are the anonymised, relevant details from the email's headers:
authentication-results: spf=none (sender IP is 74.208.4.197)…
mythofechelon
- 217
- 1
- 11
3
votes
2 answers
DMARC policy result when exactly one of SPF and DKIM fails and exactly one succeeds
E-mail forwarding can break SPF, but it should not break DKIM. I want to make a DMARC policy that will evaluate to "pass" when either DKIM or SPF passes, and "fail" when neither DKIM or SPF passes. Is this possible? If so, how is this done?
I'm…
jornane
- 415
- 2
- 14
3
votes
1 answer
Understand DMARC report before starting quarantine
I work for a small company. We have lot of IP black listed because of spamming.
We decided to setup dmarc for our mail server. This has been setup and is working correctly.
The issue now is that in the report, few record pass dmarc policy and…
dmx
- 227
- 3
- 8