Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email validation system designed to detect and prevent email spoofing. It is intended to combat certain techniques often used in phishing and email spam, such as email messages with forged sender addresses that appear to originate from legitimate organizations. It provides a way to authenticate email messages for specific domains, send feedback to senders, and conform to a published policy.
DMARC fits into the inbound email authentication process of Trend Micro Email Security. The way it works, is to help email recipients to determine if the purported message aligns with what the recipient knows about the sender. If not, DMARC provides guidance on how to handle the non-aligned messages. DMARC requires either of the following:
A message passes the SPF check, and its identifier domain is in alignment.
A message passes the DKIM signature check, and its identifier domain is in alignment.
Identifier alignment requires that the domain authenticated by SPF or DKIM be the same as or belong to the same organizational domain as the message header domain. If the alignment mode is "s" (strict), the two domains must be exactly the same; if the alignment mode is "r" (relaxed), they must belong to the same organizational domain.
If an email message passes the Sender IP Match check, the message is also considered as passing the SPF check of DMARC authentication.