Skip to main content
Information Security

Questions tagged [dmarc]

Ask Question

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.

67 questions
Newest Active Bountied Unanswered
3 votes
2 answers
2k views

DMARC/SPF/DKIM - forward quarantine emails to a separate email address

Is there a way with DMARC/SPF/DKIM to forward all emails that fail DMARC to an email address I specify? Ie, if someone tries to spoof an email saying it's from me, and it fails, I'd like that email ...
Ryan Ternier's user avatar
Ryan Ternier
  • 581
3 votes
3 answers
963 views

What does a failed SPF record tell me from a DMARC Aggregate report?

I just started receiving DMARC aggregate reports. I am trying to understand what it means for a Source IP to fail SPF. Does this mean that the domain that failed the SPF tried to send an email on ...
Dave's user avatar
Dave
  • 31
0 votes
4 answers
586 views

Suspicious Entry in DMARC Report

I recently contacted a vendor of security-related development libraries to ask for a quote (I won't name them yet). The next day, Postmark sent me my weekly DMARC report - and it contained 2 failed ...
Owen Orwell's user avatar
Owen Orwell
  • 207
1 vote
1 answer
163 views

Verify senders of earlier emails in chain

I know that an emails' sender can be verified e.g. through DKIM. If I receive an email chain containing replies, forwards, etc. is there any way to verify the sender of other (earlier) emails in the ...
anotherfred's user avatar
anotherfred
  • 113
2 votes
1 answer
227 views

Are high levels of email spam normal?

I have got my SPF, DKIM & DMARC records correctly setup and I have started using a DMARC analysis service. One thing I have noticed is the volume failures. For example, in the last 3 days I have ...
Ashley Medway's user avatar
Ashley Medway
  • 121
0 votes
2 answers
1k views

Why did spoof email receive a "pass"? And why didn't it show up in the aggregate report?

Good Morning All, I've been thrown into the deep end with a request from my director. I know little of DMARC and email spoofing in general, but I'm trying to somehow weed out WHY this spoof email "...
RGuthrie's user avatar
RGuthrie
  • 1
1 vote
1 answer
482 views

Why so many DMARC failures? When to move on?

I just started getting DMARC aggregate reports for our newly-DKIM'd environment in passive mode ("p=none;") and notice a strange trend: Almost 1/4 of the IPs in any given provider report DKIM auth ...
armani's user avatar
armani
  • 2,678

15 30 50 per page
1 2 3 4
5