DMARC completes security on SMTP for DKIM and SPF.
Gives the owner of domain from sender the option to define a policy how to handle with e-mails the verification failed for:
DKIM
SPF
Without the receiver has to setup for both his own policy rules which maybe doesn't match with the owner of sender domain.
A full configuration includes : DKIM + SPF + DMARC
Secure Messaging Gateway should support DMARC by query the DMARC record from sender domain to ask for policy in cases if DKIM is failing and SPF results aren't "SPF_PASS".
A faked e-mail would be handled on policy of correct owner from domain and DMARC record is usually created by correct owner for the sender domain.
Top Comments