DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
Questions tagged [dmarc]
57 questions
3
votes
1 answer
Dmarc: Why do I have dkim=fail, spf=fail and result=pass
I have set up my company dmarc. It is in test mode and I regularly receive reports. Some seem weird to me and I would like to understand. For example, I have received a report with SPF and dkim failed, but the result is passed. I would like to go…
dmx
- 227
- 3
- 8
3
votes
1 answer
How to read dmarc record for a report?
I have a dmarc file containing some record. I am bit surprised by the result and I would like to make sure I am reading it correctly.
Here is the record:
1.2.3.4
1
…
dmx
- 227
- 3
- 8
3
votes
2 answers
DMARC/SPF/DKIM - forward quarantine emails to a separate email address
Is there a way with DMARC/SPF/DKIM to forward all emails that fail DMARC to an email address I specify?
Ie, if someone tries to spoof an email saying it's from me, and it fails, I'd like that email to be sent to an email address I specify rather…
Ryan Ternier
- 581
- 4
- 9
3
votes
3 answers
What does a failed SPF record tell me from a DMARC Aggregate report?
I just started receiving DMARC aggregate reports. I am trying to understand what it means for a Source IP to fail SPF. Does this mean that the domain that failed the SPF tried to send an email on behalf of my domain? (essentially spoof my domain?).…
Dave
- 31
- 1
3
votes
1 answer
Are high levels of email spam normal?
I have got my SPF, DKIM & DMARC records correctly setup and I have started using a DMARC analysis service.
One thing I have noticed is the volume failures. For example, in the last 3 days I have had 16,000 without correct SPF & DKIM.
I am confidant…
Ashley Medway
- 131
- 4
2
votes
1 answer
DMARC rua indicates mail send from competitorDomain.com for ourDomain.com, is this (potentially) mallicous?
We've received several rua reports indicating that one of our direct competitors is sending emails with our domain in the mail from headers.
I do not have access to the actual emails sources, and I have no idea what would cause this. The one cause I…
Jacco
- 7,402
- 4
- 32
- 53
2
votes
2 answers
DMARC report for mails I didn't send
I set up DKIM, DMARC and SPF on my domain/server a few years ago, and never touched it again since then.
Here are my DNS records (my domain is mydomain.com and my IP addresses are 1.1.1.1 and 2001::1):
mydomain.com. 0 TXT "v=spf1 mx a ptr…
Foo
- 23
- 3
2
votes
2 answers
DMARC none policy overwrites local policy
DMARC is used to tell receivers of e-mail what to do if SPF or DKIM fails in mails send from your domain. As far as I know this pretty much sums up DMARC, if this is not correct please correct me.
My question:
The situation is this, mydomain.org has…
Wealot
- 879
- 2
- 12
- 25
1
vote
2 answers
Do fowarded emails retain DMARC protection?
Assume I ask someone to create a filter in their Gmail account that automatically forwards certain emails to my inbox. If the original email was protected with DMARC, would the forwarded email also be protected? Or does it lose the protection once…
Bradford Griggs
- 141
- 4
1
vote
1 answer
Email "FROM address" is changed to an unexpected email address
I have enabled DMARC settings in my domain (drkotzi.org). Now when I send emails from my email address (sales@drkotzi.org) to email lists or email groups, I can see that the email's from address and to address become identical. can someone please…
yello_flash
- 31
- 4
1
vote
1 answer
SPF/DMARC for shared email provider (gmail) - how did this email pass SPF?
We recently received an email from a self described "white hat hacker" purporting to be from our own organization.
According to the mail headers, spf, dmarc, dkim and arc all passed okay and gmail didn't flag it in anyway.
We use google domains for…
Dave Smylie
- 113
- 6
1
vote
1 answer
Does a domain with no SPF record count as a DMARC pass or fail?
Learning about how SPF/DMARC work right now. What I don't see a lot of the articles covering is what happens if there is no published SPF record for the domain. From what I can see most mail servers count that as a pass and let the email through. If…
trallgorm
- 875
- 7
- 19
1
vote
2 answers
SPF, DKIM and DMARC - How do receiving/recipient mail servers know how and when to validate the mail?
I have spent a bit of time researching SPF, DKIM and DMARC mechanisms however If I understand correctly, these help the recipient to confirm whether the domain is legitimate but only if they have these mechanisms configured correctly and…
Chaplin
- 13
- 3
1
vote
1 answer
dkim passes under a different domain's dkim
I read that a SPF fail with DKIM pass means someone has forwarded an email with our domain name attached. I haven't sent any emails to this domain. Is this domain trying to send emails with my domain? Can I stop this behavior with a modification…
euclid4
- 13
- 3
1
vote
1 answer
Is it bad to use DKIM DNS without signing mails?
Does it provide any trust at all to have DKIM set up correctly in my DNS but not sign any emails? I could not find any information about that.
Now, if I send an email to a domain/server with DMARC set up, with policy=reject and adkim=strict, will…
Hannes
- 13
- 2