Domain-based Message Authentication, Reporting, and Conformance, or DMARC, is a DNS TXT record published for a domain that controls what happens if a message fails authentication (i.e. the recipient server cannot verify that the message's sender is who they claim to be). There are two main purposes of a published DMARC record:
1. Indicate to the recipient server whether to Quarantine the message, reject it, or Allow it to continue delivery.
2. Reports all messages are seen from the domain to an email address or addresses
It's easy to see why DMARC is so valuable! Once published, a DMARC record is used by receiving mail servers (like Gmail or Yahoo! Mail) to determine what to do with failed messages. Gmail's receiving mail server looks at the DMARC record to decide which policy to follow:
The message should remain unchanged
The message should be quarantined
The message should be rejected
Once a domain has published a DMARC record, the recipient mail server takes appropriate action for one of three options. If no such record exists, the recipient decides what to do with the message. Phishing, malware threats, and other security issues necessitate a solution such as DMARC. By blocking fraudulent messages, it became established as the gold standard for legitimate emails.
