WHAT IS DMARC?

One DNS record that decides whether your email arrives.

DMARC is the standard that defines what happens to emails pretending to come from your domain – but don't.

The problem: anyone can forge your sender.

Email was never built to verify the sender. Attackers send invoices, phishing links and CEO-fraud emails from your domain – and your customers, suppliers and employees believe them.

The solution: SPF, DKIM and DMARC together.

SPF defines which servers are allowed to send for your domain. DKIM signs every email cryptographically. DMARC checks whether both match the visible sender domain – and tells the recipient what to do if they don't.

The decision: your policy.

You set a single line in DNS – p=none, p=quarantine or p=reject. It decides what happens to forged mail on your domain.

DMARC policies at a glance
  • p=noneObserve. Delivery as usual, you only receive the reports. A sensible starting point.
  • p=quarantineSend to spam. Suspicious mails land in the recipient's junk folder.
  • p=rejectReject. The receiving server rejects the mail outright. The target state.
Make DMARC reports readable

Pragmatic, transparent, genuinely on eye level – the collaboration exceeded our expectations by a clear margin.

Maria SchmidtManaging Director