Domain-based Message Authentication, Reporting & Conformance (DMARC)

Domain-based Message Authentication, Reporting & Conformance (DMARCDomain-based Message Authentication, Reporting & Conformance) is an email verification system designed to detect and prevent email spoofing.

You can configure the Clearswift Gateway to perform DMARC validation checks on received mail.

When you enable DMARC verification, if the DNS contains DMARC records for the domain from which a message is sent, the Clearswift Gateway uses these records to verify a message is coming from the stated sender. If there are no DMARC records for that sender domain, the Clearswift Gateway cannot perform DMARC verification.

As well as verifying the sender domain, DMARC verification requires that the domain in an email “From:” field relates to the authenticated domain.

You can configure the Clearswift Gateway to perform DMARC verification on inbound messages. Depending on the DMARC verification result and policy in the DNS record, the Clearswift Gateway accepts, quarantines, or rejects the message. For more information, see Configuring DMARC verification.

Domain owners publish a DMARC DNS record that makes recommendations on what message recipients should do with messages that fail authentication.

Domain-based Message Authentication, Reporting & Conformance (DMARC)

See also...