How DMARC Works

From the time an email is sent to the point when it arrives in your inbox, DMARC, SPF and DKIM work together to ensure authentication in four simple steps.

Step 1


Step 2

hiw_icon2_2xEnforce DMARC
policy to reject
unauthenticated email

Step 3

hiw_icon3_2xMaintain a
reputable brand

Step 4

Enable DMARC Verification on your email gateway

Sender Policy Framework (SPF)

SPF is the missing link that decides which mail servers are authorized to send mail from your organization’s domain.

DomainKeys Identified Mail (DKIM)

By using a digital signature, DKIM validates the domain’s identity associated with an email.

Domain-Based Message Authentication (DMARC)

DMARC gives email senders an opportunity to show that their messages are protected, and tells receivers what to do if one of the authentication methods passes or fails.

Information source:

Subscribe to the GCA Newsletter

Get the latest news from GCA, including updates about the GCA Toolkit. Signup and opt-in.

You have Successfully Subscribed!