About DMARC Protection
Agari DMARC Protection™ helps you protect the ownership of your brand by protecting your customers from phishers, spammers, and other email abusers who attempt to send inauthentic email claiming to be you. DMARC Protection does this by helping you easily and thoroughly obtain outgoing email authentication. This authentication is for
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF (Sender Policy Framework
A DNS-based technology that allows a domain owner to specify a limited set of IP addresses that email for that domain may be sent from.
The domain authenticated by SPF is not the “header From” domain visible in most email clients. SPF authenticates the envelope domain, also called the MailFrom domain, described in RFC 5321. This domain typically appears in the “Return-Path:” message header.
Sender Policy Framework (SPF) is specified in RFC-7208 (https://tools.ietf.org/html/rfc7208).
See also: http://www.openspf.org/) and DKIM (DomainKeys Identified Mail) protocols to improve and monitor protection of domains from fraudulent email by:
- Adding linkage to the author (“From:”) domain name.
- Publishing policies for recipient handling of authentication failures.
- Reporting from receivers to senders.
This guide introduces you to DMARC and explains how to use Agari DMARC Protection to guide you through the process of implementing DMARC for your organization and to keep your DMARC status up-to-date. The topics covered here include:
- SPF, and building SPF DNS records for your domains. See SPF - Sender Policy Framework.
- DKIM, and building DKIM DNS records for your domains. See DomainKeys Identified Mail.
- DMARC, and building DMARC DNS records for your domains. See Implementing DMARC.
- Moving DMARC from monitor to reject. See Move to Reject.
- Hosting DNS records at Agari.
- Ongoing monitoring of your domains, including changes in domains, senders, and IP addresses.
- Email traffic reporting. See Email Traffic Reports.
- Alerts, including alert subscriptions. See Alerts.
- DMARC Protection administration, including user accounts and user roles.
DMARC Protection Help
This help system provides information about how to configure and use DMARC Protection. You can use the links below or the navigation to the left to go directly to any section or topic, or use the search field above to find specific information.
- Overview of email authentication standards, including DMARC, its benefits, and how it works.
- Getting to reject, the DMARC implementation process:
- Get Credentials and Training
- Publish DMARC at monitor
- Add domains
- Monitor traffic and senders
- Identify and classify senders
- Convert well-known senders
- Build SPF records, including SPF alignment, SPF problems, and hosted SPF
- Publish SPF records
- Implement DKIM, including requesting DKIM signing, verifying DKIM, enabling DKIM, and hosting DKIM
- Move to reject
- Monitoring DMARC
- Configuring, sharing, and scheduling email traffic reports
- Configuring and subscribing to alerts
- Adding and deleting domain groups
- User accounts, including settings, roles, and single sign-on
Audience
This guide is intended for use by email administrators who are starting to manage DMARC for their organizations.
The DIY Approach With As-Needed Help
You can use DMARC Protection and this guide to help you through the process of setting up, managing, and maintaining DMARC policies for your domains.
DMARC Protection gives you visibility into data about email bearing your brand, tools to analyze that data in meaningful ways, tools to generate various files for implementing DMARC, and helpful tips for accomplishing tasks that cannot be enabled from a user interface.
DMARC Protection Workflows
The following diagrams illustrate the basic DMARC Protection workflows.
