Domain-based Message Authentication, Reporting & Conformance, or DMARC for short, is an extension for existing SPF and DKIM records. With the DMARC record in the DNS, the administrator of an email domain can tell the receiving mail servers which criteria an email must meet in order for it to actually come from the sender domain. This includes a policy for SPF and/or DKIM. Depending on the setting set, the recipient’s mail server can also dispose of emails as spam that are forged due to the lack of a DKIM signature or whose SPF is not verifiable. DMARC checks headers against the sender domain from the email headers, and its mail client also displays a verified address.

It is only with DMARC that DKIM and SPF get real teeth. An administrator of a mail domain can announce via DMARC that he sends all his emails with DKIM and SPF. Everything else is officially not from him and may therefore be disposed of as spam. This is exactly what SecuMail does for you. In addition to your business partner, every professional administrator can secure the mail traffic for his organization.