DMARC Dictionary
DMARC Dictionary
Everything you need to know about terms used for DMARC
Aggregate reports
A category of XML files containing aggregate email authentication information regularly sent to recipients selected by domain owners. The reports are sent by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, etc.
Alignment
A scenario where three header fields in an email match (From, ReturnPath(SPF), and DKIM d=), proving taht the email is a legitimate one originating from where it is meant to come from.
API
Application Programming Interface. It is a software intermediary that allows two applications to talk to each other.
APWG
Anti-Phishing Working Group. An international consortium that unifies firms that have been harmed by phishing attacks, security products and services providers, law enforcement agencies, government agencies, trade associations, regional international treaty organisations, and communications providers.
ARC
Authenticated Received Chain. An email authentication system that enables an intermediate mail server (a mailing list or forwarding service) to sign the original authentication findings of an email.
BEC
Business Email Compromise. A category of cybercrimes in which criminals send an email message with a legitimate request that appears to come from a known source.
BIMI
Brand Indicators for Message Identification. A standard that attaches your company’s logo in authorised email communications.
Blacklisting
A method used by most antivirus programs and intrusion prevention/detection systems that work by maintaining a list of applications that are to be denied system access.
CIDR
Classless Inter-domain Routing. A set of IP standards that are used to provide network and device IDs that are unique.
CNAME
Canonical Name. A type of resource record in the DNS that provides the mapping of one domain name to another.
CRTSIRT
Computer Security Incident Response Team. A group of IT specialists who provide services and assistance to a business in the areas of cybersecurity risk assessment, management and prevention, as well as incident response coordination.
DANE
DNS-based Authentication of Named Entities. An Internet security protocol that allows domain names to be tied to X. 509 digital certificates, which are often used for Transport Layer Security (TLS).
DDoS
Distributed Denial-of-service. A cyber-attack in which the attacker attempts to make a computer or network resource unavailable to its intended users by disrupting the services of a host connected to the Internet for a period of time or indefinitely.
DKIM
DomainKeys Identified Mail. A technical standard that aids in the prevention of spam, spoofing, and phishing of email senders and recipients.
DKIM alignment
A scenario in which the parent domain of your email’s DKIM signature domain matches the Header From domain.
DMARC
Domain-based Message Authentication, Reporting, and Conformance. An open email authentication protocol that protects an email domain from unauthorized use (often known as email spoofing), phishing attacks via impersonation, and other cyber attacks or crimes.
DMF
Domain Management Function. A centralised authority within an organisation that is responsible for the acquisition, management, and monitoring of Internet domains.
DNS
Domain Name System. A hierarchical naming system for devices and resources connected to the Internet or a private network.
DNSSEC
DNS Security Extensions. A DNS feature that authenticates responses to domain name lookups.
ESP
Email Service Provider. A provider of email hosting that implements email servers for the exchange of emails on behalf of other organizations or end-users.
ESMTP
Extended Simple Mail Transfer Protocol. A protocol used to send and receive emails over the network.
Forensic Report
Reports that are sent out if an email from a domain fails both the SPF and DKIM authentication protocols. These reports contain data about the spoofed email such as the sending email address, receiving email address, subject, and, sometimes, the header of the email.
From Header
A header field defined in RFC5322 with two components, namely Display Name and Address Field.
FQDN
Fully Qualified Domain Name. A complete address for a website, computer, server or similar entity that exists on the Internet.
Honeypot
A computer security tool to detect, deflect, or prevent attempts at unauthorized use of a system.
IETF
Internet Engineering Task Force. An open standards organization that develops and promotes voluntary Internet standards, specifically the ones that comprise the Internet protocol suite.
IMAP4
Internet Mail Access Protocol version 4. An Internet standard protocol for storing and retrieving messages from SMTP hosts.
Impersonation
A category of cyberattack in which the attacker imitates or copies the behaviour or actions of another person or organization.
IP
Internet Protocol. A set of rules governing the format of data that is sent via the internet or local network.
ISP
Internet Service Provider. An organization that provides many different services for accessing, using, or participating in the Internet.
LAN
Local Area Network. A network of connected devices in one physical location such as a building, office, or home.
M3AAWG
Messaging, Malware and Mobile Anti-Abuse Working Group. An organization that develops cooperative approaches for fighting online abuse.
MAN
Metropolitan Area Network. A computer network that interconnects devices in a geographical region of the size of a metropolitan area.
MIME
Multipurpose Internet Mail Extensions. A standard that indicates the nature and format of a document, file, or combination of bytes.
MSA
Message Submission Agent. A computer program or software agent that receives emails from a mail user or agent and assists the mail transfer agent with the delivery of the mail.
MSP
An organization that offers managed IT services to customers.
MSSP
Managed Security Service Provider. An organization that offers cybersecurity services to end users.
MTA
Message Transfer Agent. A software that transfers electronic mail messages between devices using SMTP.
MTA-STS
Mail Transfer Agent Strict Transport Security. A protocol that informs services that are sending your organisation emails that your domain supports Transport Layer Security (TLS) 1.2 or higher.
MUA
Mail User Agent. A computer application that allows you to send and retrieve emails
MX
Mail Exchanger. A destination mail server.
MX-record
A record that specifies the mail server responsible for accepting email messages on behalf of a domain name.
Organizational Domain
An organisation’s chosen field of action.
Phishing
A type of social engineering attack in which an attacker, acting as a legitimate entity, tricks a victim into opening an email, instant message, or text message.
POP3
Post Office Protocol 3. An application-layer Internet standard protocol used by email clients to retrieve emails from a mail server.
PTR
A type of DNS record that resolves an IP address to a domain or hostname.
Receiver
A hardware module or device used to receive signals of different kinds.
Reporter
A server that receives an email to be delivered to inboxes and generates aggregate and forensic reports.
RUA
A set of XML files providing aggregate email authentication information given by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, and others to domain owners.
RUF
A set of XML files that are sent out if an email from your domain fails both the SPF and DKIM authentication protocols.
Smart Host
An email server through which third parties can send emails and have them forwarded to the email recipients’ email servers.
SSO
Single Sign-On. An authentication system that allows a user to log in with a single ID and password to any of several related, yet independent software systems.
S/MIME
A standard for public-key encryption and signing of MIME data.
SMTP
Simple Mail Transfer Protocol. An internet standard communication protocol for electronic mail transmission.
Source
An organization that sends emails on behalf of others.
SPF
An email authentication system that detects forged sender addresses while an email is being delivered.
SPF Flattening
A technique that is useful when the DNS lookup limit is reached due to an increased number of SPF mechanisms.
Spoofing
The act of mimicking a communication from a trusted or legitimate source.
SSL
Secure Sockets Layer. An encryption-based Internet security protocol.
TCP/IP
The conceptual model and a set of communications and protocols used over the Internet and other networks.
TLS
Transport Layer Security. A type of protocol designed to provide communications security over a computer network.
TXT
A type of DNS record used to associate text with a host or another name.
URL
Uniform Resource Locator. The mechanism used by browsers to find any published resource on the web.
VEC
Vendor Email Compromise. A scenario in which a cybercriminal takes over a legitimate email account of a well-known vendor to trick a business into making payment information modifications that benefit the criminal.
WAN
Wide Area Network. A connection of systems that serves the primary purpose of computer networking and spans a broad geographic area.
Whitelisting
A mechanism that explicitly allows some specific entities to access a particular privilege or service.
XML
A markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable.
How Does DMARC Help?
GLOBAL STATISTICS JUSTIFYING THE NEED FOR EMAIL AUTHENTICATION
Phishing attacks have risen by 350% post the COVID-19 Pandemic!
$600 million every year is scammed by Phishing attacks!
Globally 1 in 3 companies have been victims of CEO Fraud Email Scams!
DMARC has been adopted by the biggest email senders and email receivers globally. This includes Yahoo!, Google, and Microsoft, covering 85% of the consumer inboxes in the world.
The most important reason why DMARC should be used is that it gives an organisation full control on how their domain is being used. The organisation can also instruct the receivers on what actions should be taken if the incoming email is not legitimate and report the incident back to the organisation for further analysis.
It saves consumers from the trouble of identifying whether an email is legitimate or a spam. Sometimes it may happen that regardless of all the knowledge of email spoofing a receiver might fall into the trap. DMARC makes sure that this does not happen.
- Protection against phishing on your customers using your domains.
- Protection against Brand Abuse and targeted scams.
- Protection against ever rising Malware and Ransomware Attacks.
- Protection against Spear Phishing and CEO Frauds.