Learn about DMARC, SPF, and DKIM

Welcome to DMARCPal's Learn blog. Check our posts to discover and learn more about DMARC, SPF, DKIM, and how to get the most value of your DMARCPal subscription.

Forged emails are a growing concern for personal and business communication. With the ease of sending fake emails that appear to come from a different source, it's essential to be aware of the dangers and take steps to prevent them.

This blog post will explore the reasons why it's so easy to send ...

DMARC is a protocol for email authentication. It allows domain owners to specify how email from their domain should be authenticated. But some domain owners may get too many reports and want to stop receiving them.

Some people may want to stop receiving DMARC reports because they are getting too m...

This is a continuation post covering a process to setup DMARC on active domains. Visit A (sane) DMARC setup process for busy email domains to know more about this post series.

Mistakes can happen.

An updated DKIM selector record may be missing a semicolon. Someone in a rush could mistype t...

This is a continuation post covering a process to setup DMARC on active domains. Visit A (sane) DMARC setup process for busy email domains to know more about this post series.

In the previous steps of the 5-Stages DMARC Setup process we got to know more about the domain email traffic pattern...

This is a continuation post covering a process to setup DMARC on active domains. Visit A (sane) DMARC setup process for busy email domains to know more about this post series.

Depending on the volume of emails you send, how old your domain is, and how much exposure it has, your DMARC reports...

This is a continuation post covering a process to setup DMARC on active domains. Visit A (sane) DMARC setup process for busy email domains to know more about this post series.

The objective of this stage is to collect data so we get to know how email from the domain flows and, in parallel, m...

This is a continuation post covering a process to setup DMARC on active domains. Visit A (sane) DMARC setup process for busy email domains to know more about this post series.

Planning and controlling the DMARC deployment process is crucial to avoid problems and questions down the road that...

This is a continuation post covering a process to setup DMARC on active domains. Visit A (sane) DMARC setup process for busy email domains to know more about this post series.

Here is a brief overview of the DMARC setup process we will be covering in this post series:

The 5-Stages DMARC Se

...

DMARC is great. It allows you to publish your email sending policies, and those are used to prevent phishing emails using your domain. On top of that, it also provides reporting facilities that give you insights on your email delivery.

Implementing DMARC on new domains is straightforward. You just...

If you are a Google Workspace user and use Google Calendar, you may have noticed some DMARC fails on your DMARC reports.

Here’s a sample record extracted by DMARCPal Record Explorer showing the issue:

Record with failed DMARC check

The problem is caused by Google sending those emails from domains that don’t align with the...

We’ve seen this happening to a few domains hosted on Google Workspace: DKIM is properly set up on the domain, email is okay, and DMARC passes.

All seems fine, except that DKIM is not authenticating emails “From” the user domain.

Because Gmail works, people think that DKIM is doing the right th...

Not a long time ago, Internet email was based on trust. Trust on the servers, trust on the people running the servers.

Trust that who you see in an email “From” is really who wrote that message.

As of 2020 about 3+ billion forged emails are sent in a day, and it is safe to say (no pun intended...

DKIM is short for DomainKeys Identified Mail. It is a mechanism to verify that some core information of an email message, such as its body, and the “From” and “Subject” lines, are authentic and haven’t been tampered with by someone while the email was in transit.

So when you send an email using...

By default, any computer connected to the Internet can send emails pretending to come from your domain.

That’s true. If you registered example.com for your business and just configured basic email (i.e for sending and receiving XXX@example.com messages), then someone on a cybercafe on the ot...

This happens more often than we think: an employee receives an email from his boss requesting him to do something.

It might be something as simple as requesting a document.

Or more serious, such as the credentials to the company’s social media accounts. Or to transfer several thousand dollars to...