IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [dmarc]

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.

57 questions
0
votes
0 answers

Unknown Cause of SPF Fail

I have the following SPF record: v=spf1 include:_spf.mailspamprotection.com include:_spf.google.com ip4:209.85.220.0/24 ~all Although I have included _spf.mailspamprotection.com in my SPF record, which includes ip4:146.66.121.0/24, I get SPF Fail…
Reza
  • 101
0
votes
0 answers

Why do I need DMARC on top of SPF and DKIM?

If SPF is verifying against a set of IP records if the incoming email from a domain was sent from an authorized host piggybacking on the DNS and DKIM does touch the signature of the email and calculate another one based on DNS public key record and…
Asian Flavor
  • 1
0
votes
1 answer

Whitelisting Email Service for Anti-Spoofing and DMARC

My company uses an Anti-Spoofing Protection based on the SPF Record and has implemented DMARC. Often our users correspond via a "secure" messaging platform like Proofpoint/ZIX/IronPort from their counterparts. However, when our users respond on…
user2942358
  • 5
  • 2
0
votes
1 answer

DMARC & failing SPF

I would like to clarify the following scenario with DMARC, (assuming there is a publish DMARC policy): SPF fails No (aligned or any) DKIM records Should result of DMARC check be none or fail? Technically we cannot align anything with From thus we…
charlag
  • 103
  • 4
0
votes
0 answers

Do we need SPF when we have DKIM?

I always thought that to authenticate email we needed both SPF and DKIM (and DMARC). But email is confusing and recently I found myself asking why we can't do with just SPF or DKIM. I then discovered that the problem with using just SPF is that…
SWdV
  • 179
  • 11
0
votes
1 answer

Soft-fail vs Hard-fail SPF + Monitor vs Reject+Strict DMARC, could it be counterproductive?

I have a ProtonMail premium plan with one custom domain and a single email address. My domain DNS is protected with DNSSEC. What caught my eye were two things they recommended in the domain setup: Soft-fail SPF (Sender Policy Framework - wiki)…
LinuxSecurityFreak
  • 1,562
  • 2
  • 18
  • 32
0
votes
2 answers

DMARC on ProtonMail custom domain

I began using ProtonMail email service, I like it that much, that I connected my domain yesterday and did appropriate changes to DNS. This page of ProtonMail's knowledgebase says how DMARC shall be set up. An image for the words: I have…
LinuxSecurityFreak
  • 1,562
  • 2
  • 18
  • 32
0
votes
1 answer

How should I configure DMARC (or DKIM?) to deal with OWA forwarding changing email bodies?

For my own domain (mydomain.com, hosted with a free G Suite), I have setup DMARC in testing mode: v=DMARC1; p=none; sp=reject; aspf=s; adkim=s; rua=mailto:dmarc@mydomain.com I have sent out test emails to a bunch of email addresses to get an idea…
bers
  • 200
  • 1
  • 9
0
votes
1 answer

Why is DKIM configuration testing not working the same for every test site?

basically, I have setup spk, dkim and dmarc for mail authentication. For this, I used this tuto. All worked correctly and I got this result: seems like everything OK. Now to confirm everything is working correctly, I have tried, on and another…
dmx
  • 227
  • 3
  • 8
0
votes
4 answers

Suspicious Entry in DMARC Report

I recently contacted a vendor of security-related development libraries to ask for a quote (I won't name them yet). The next day, Postmark sent me my weekly DMARC report - and it contained 2 failed entries originating from this vendor's domain,…
Owen Orwell
  • 207
  • 1
  • 5
0
votes
2 answers

Why did spoof email receive a "pass"? And why didn't it show up in the aggregate report?

Good Morning All, I've been thrown into the deep end with a request from my director. I know little of DMARC and email spoofing in general, but I'm trying to somehow weed out WHY this spoof email "passed". It's coming from some…
RGuthrie
  • 1
  • 1
-1
votes
1 answer

Does gmail use SPF or DMARC when sending messages outside of gmail?

I can't seem to find any record of SPF or DMARC in the original messages coming from gmail to my mail server. Does gmail use SPF or DMARC when sending messages outside of gmail?
johnnyApplePRNG
  • 1
  • 2
1 2 3
4