DMARC Dictionary

DMARC Dictionary

Everything you need to know about terms used for DMARC

  1. Aggregate reports

    A category of XML files containing aggregate email authentication information regularly sent to recipients selected by domain owners. The reports are sent by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, etc.

  2. Alignment

    A scenario where three header fields in an email match (From, ReturnPath(SPF), and DKIM d=), proving taht the email is a legitimate one originating from where it is meant to come from.

  3. API

    Application Programming Interface. It is a software intermediary that allows two applications to talk to each other.

  4. APWG

    Anti-Phishing Working Group. An international consortium that unifies firms that have been harmed by phishing attacks, security products and services providers, law enforcement agencies, government agencies, trade associations, regional international treaty organisations, and communications providers.

  5. ARC

    Authenticated Received Chain. An email authentication system that enables an intermediate mail server (a mailing list or forwarding service) to sign the original authentication findings of an email.

  6. BEC

    Business Email Compromise. A category of cybercrimes in which criminals send an email message with a legitimate request that appears to come from a known source.

  7. BIMI

    Brand Indicators for Message Identification. A standard that attaches your company’s logo in authorised email communications.

  8. Blacklisting

    A method used by most antivirus programs and intrusion prevention/detection systems that work by maintaining a list of applications that are to be denied system access.

  9. CIDR

    Classless Inter-domain Routing. A set of IP standards that are used to provide network and device IDs that are unique.

  10. CNAME

    Canonical Name. A type of resource record in the DNS that provides the mapping of one domain name to another.

  11. CRTSIRT

    Computer Security Incident Response Team. A group of IT specialists who provide services and assistance to a business in the areas of cybersecurity risk assessment, management and prevention, as well as incident response coordination.

  12. DANE

    DNS-based Authentication of Named Entities. An Internet security protocol that allows domain names to be tied to X. 509 digital certificates, which are often used for Transport Layer Security (TLS).

  13. DDoS

    Distributed Denial-of-service. A cyber-attack in which the attacker attempts to make a computer or network resource unavailable to its intended users by disrupting the services of a host connected to the Internet for a period of time or indefinitely.

  14. DKIM

    DomainKeys Identified Mail. A technical standard that aids in the prevention of spam, spoofing, and phishing of email senders and recipients.

  15. DKIM alignment

    A scenario in which the parent domain of your email’s DKIM signature domain matches the Header From domain.

  16. DMARC

    Domain-based Message Authentication, Reporting, and Conformance. An open email authentication protocol that protects an email domain from unauthorized use (often known as email spoofing), phishing attacks via impersonation, and other cyber attacks or crimes.

  17. DMF

    Domain Management Function. A centralised authority within an organisation that is responsible for the acquisition, management, and monitoring of Internet domains.

  18. DNS

    Domain Name System. A hierarchical naming system for devices and resources connected to the Internet or a private network.

  19. DNSSEC

    DNS Security Extensions. A DNS feature that authenticates responses to domain name lookups.

  20. ESP

    Email Service Provider. A provider of email hosting that implements email servers for the exchange of emails on behalf of other organizations or end-users.

  21. ESMTP

    Extended Simple Mail Transfer Protocol. A protocol used to send and receive emails over the network.

  22. Forensic Report

    Reports that are sent out if an email from a domain fails both the SPF and DKIM authentication protocols. These reports contain data about the spoofed email such as the sending email address, receiving email address, subject, and, sometimes, the header of the email. 

  23. From Header

    A header field defined in RFC5322 with two components, namely Display Name and Address Field.

  24. FQDN

    Fully Qualified Domain Name. A complete address for a website, computer, server or similar entity that exists on the Internet.

  25. Honeypot

    A computer security tool to detect, deflect, or prevent attempts at unauthorized use of a system.

  26. IETF

    Internet Engineering Task Force. An open standards organization that develops and promotes voluntary Internet standards, specifically the ones that comprise the Internet protocol suite.

  27. IMAP4

    Internet Mail Access Protocol version 4. An Internet standard protocol for storing and retrieving messages from SMTP hosts.

  28. Impersonation

    A category of cyberattack in which the attacker imitates or copies the behaviour or actions of another person or organization.

  29. IP

    Internet Protocol. A set of rules governing the format of data that is sent via the internet or local network.

  30. ISP

    Internet Service Provider. An organization that provides many different services for accessing, using, or participating in the Internet.

  31. LAN

    Local Area Network. A network of connected devices in one physical location such as a building, office, or home.

  32. M3AAWG

    Messaging, Malware and Mobile Anti-Abuse Working Group. An organization that develops cooperative approaches for fighting online abuse.

  33. MAN

    Metropolitan Area Network. A computer network that interconnects devices in a geographical region of the size of a metropolitan area.

  34. MIME

    Multipurpose Internet Mail Extensions. A standard that indicates the nature and format of a document, file, or combination of bytes.

  35. MSA

    Message Submission Agent. A computer program or software agent that receives emails from a mail user or agent and assists the mail transfer agent with the delivery of the mail.

  36. MSP

    An organization that offers managed IT services to customers.

  37. MSSP

    Managed Security Service Provider. An organization that offers cybersecurity services to end users.

  38. MTA

    Message Transfer Agent. A software that transfers electronic mail messages between devices using SMTP.

  39. MTA-STS

    Mail Transfer Agent Strict Transport Security. A protocol that informs services that are sending your organisation emails that your domain supports Transport Layer Security (TLS) 1.2 or higher.

  40. MUA

    Mail User Agent. A computer application that allows you to send and retrieve emails

  41. MX

    Mail Exchanger. A destination mail server.

  42. MX-record

    A record that specifies the mail server responsible for accepting email messages on behalf of a domain name.

  43. Organizational Domain

    An organisation’s chosen field of action.

  44. Phishing

    A type of social engineering attack in which an attacker, acting as a legitimate entity, tricks a victim into opening an email, instant message, or text message.

  45. POP3

    Post Office Protocol 3. An application-layer Internet standard protocol used by email clients to retrieve emails from a mail server.

  46. PTR

    A type of DNS record that resolves an IP address to a domain or hostname.

  47. Receiver

    A hardware module or device used to receive signals of different kinds.

  48. Reporter

    A server that receives an email to be delivered to inboxes and generates aggregate and forensic reports.

  49. RUA

    A set of XML files providing aggregate email authentication information given by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, and others to domain owners. 

  50. RUF

    A set of XML files that are sent out if an email from your domain fails both the SPF and DKIM authentication protocols.

  51. Smart Host

    An email server through which third parties can send emails and have them forwarded to the email recipients’ email servers.

  52. SSO

    Single Sign-On. An authentication system that allows a user to log in with a single ID and password to any of several related, yet independent software systems.

  53. S/MIME

    A standard for public-key encryption and signing of MIME data.

  54. SMTP

    Simple Mail Transfer Protocol. An internet standard communication protocol for electronic mail transmission.

  55. Source

    An organization that sends emails on behalf of others.

  56. SPF

    An email authentication system that detects forged sender addresses while an email is being delivered.

  57. SPF Flattening

    A technique that is useful when the DNS lookup limit is reached due to an increased number of SPF mechanisms.

  58. Spoofing

    The act of mimicking a communication from a trusted or legitimate source.

  59. SSL

    Secure Sockets Layer. An encryption-based Internet security protocol.

  60. TCP/IP

    The conceptual model and a set of communications and protocols used over the Internet and other networks.

  61. TLS

    Transport Layer Security. A type of protocol designed to provide communications security over a computer network.

  62. TXT

    A type of DNS record used to associate text with a host or another name.

  63. URL

    Uniform Resource Locator. The mechanism used by browsers to find any published resource on the web.

  64. VEC

    Vendor Email Compromise. A scenario in which a cybercriminal takes over a legitimate email account of a well-known vendor to trick a business into making payment information modifications that benefit the criminal.

  65. WAN

    Wide Area Network. A connection of systems that serves the primary purpose of computer networking and spans a broad geographic area.

  66. Whitelisting

    A mechanism that explicitly allows some specific entities to access a particular privilege or service.

  67. XML

    A markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable.

How Does DMARC Help?

GLOBAL STATISTICS JUSTIFYING THE NEED FOR EMAIL AUTHENTICATION

Phishing attacks have risen by 350% post the COVID-19 Pandemic!

$600 million every year is scammed by Phishing attacks!

Globally 1 in 3 companies have been victims of CEO Fraud Email Scams!

DMARC has been adopted by the biggest email senders and email receivers globally. This includes Yahoo!, Google, and Microsoft, covering 85% of the consumer inboxes in the world.

The most important reason why DMARC should be used is that it gives an organisation full control on how their domain is being used. The organisation can also instruct the receivers on what actions should be taken if the incoming email is not legitimate and report the incident back to the organisation for further analysis.

It saves consumers from the trouble of identifying whether an email is legitimate or a spam. Sometimes it may happen that regardless of all the knowledge of email spoofing a receiver might fall into the trap. DMARC makes sure that this does not happen.

Eliminate Phishing Attacks and Increase Email Deliverability!