Everything you need to know about terms used for DMARC
A category of XML files containing aggregate email authentication information regularly sent to recipients selected by domain owners. The reports are sent by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, etc.
A scenario where three header fields in an email match (From, ReturnPath(SPF), and DKIM d=), proving taht the email is a legitimate one originating from where it is meant to come from.
Application Programming Interface. It is a software intermediary that allows two applications to talk to each other.
Anti-Phishing Working Group. An international consortium that unifies firms that have been harmed by phishing attacks, security products and services providers, law enforcement agencies, government agencies, trade associations, regional international treaty organisations, and communications providers.
Authenticated Received Chain. An email authentication system that enables an intermediate mail server (a mailing list or forwarding service) to sign the original authentication findings of an email.
Business Email Compromise. A category of cybercrimes in which criminals send an email message with a legitimate request that appears to come from a known source.
Brand Indicators for Message Identification. A standard that attaches your company’s logo in authorised email communications.
A method used by most antivirus programs and intrusion prevention/detection systems that work by maintaining a list of applications that are to be denied system access.
Classless Inter-domain Routing. A set of IP standards that are used to provide network and device IDs that are unique.
Canonical Name. A type of resource record in the DNS that provides the mapping of one domain name to another.
Computer Security Incident Response Team. A group of IT specialists who provide services and assistance to a business in the areas of cybersecurity risk assessment, management and prevention, as well as incident response coordination.
DNS-based Authentication of Named Entities. An Internet security protocol that allows domain names to be tied to X. 509 digital certificates, which are often used for Transport Layer Security (TLS).
Distributed Denial-of-service. A cyber-attack in which the attacker attempts to make a computer or network resource unavailable to its intended users by disrupting the services of a host connected to the Internet for a period of time or indefinitely.
DomainKeys Identified Mail. A technical standard that aids in the prevention of spam, spoofing, and phishing of email senders and recipients.
A scenario in which the parent domain of your email’s DKIM signature domain matches the Header From domain.
Domain-based Message Authentication, Reporting, and Conformance. An open email authentication protocol that protects an email domain from unauthorized use (often known as email spoofing), phishing attacks via impersonation, and other cyber attacks or crimes.
Domain Management Function. A centralised authority within an organisation that is responsible for the acquisition, management, and monitoring of Internet domains.
Domain Name System. A hierarchical naming system for devices and resources connected to the Internet or a private network.
DNS Security Extensions. A DNS feature that authenticates responses to domain name lookups.
Email Service Provider. A provider of email hosting that implements email servers for the exchange of emails on behalf of other organizations or end-users.
Extended Simple Mail Transfer Protocol. A protocol used to send and receive emails over the network.
Reports that are sent out if an email from a domain fails both the SPF and DKIM authentication protocols. These reports contain data about the spoofed email such as the sending email address, receiving email address, subject, and, sometimes, the header of the email.
A header field defined in RFC5322 with two components, namely Display Name and Address Field.
Fully Qualified Domain Name. A complete address for a website, computer, server or similar entity that exists on the Internet.
A computer security tool to detect, deflect, or prevent attempts at unauthorized use of a system.
Internet Engineering Task Force. An open standards organization that develops and promotes voluntary Internet standards, specifically the ones that comprise the Internet protocol suite.
Internet Mail Access Protocol version 4. An Internet standard protocol for storing and retrieving messages from SMTP hosts.
A category of cyberattack in which the attacker imitates or copies the behaviour or actions of another person or organization.
Internet Protocol. A set of rules governing the format of data that is sent via the internet or local network.
Internet Service Provider. An organization that provides many different services for accessing, using, or participating in the Internet.
Local Area Network. A network of connected devices in one physical location such as a building, office, or home.
Messaging, Malware and Mobile Anti-Abuse Working Group. An organization that develops cooperative approaches for fighting online abuse.
Metropolitan Area Network. A computer network that interconnects devices in a geographical region of the size of a metropolitan area.
Multipurpose Internet Mail Extensions. A standard that indicates the nature and format of a document, file, or combination of bytes.
Message Submission Agent. A computer program or software agent that receives emails from a mail user or agent and assists the mail transfer agent with the delivery of the mail.
An organization that offers managed IT services to customers.
Managed Security Service Provider. An organization that offers cybersecurity services to end users.
Message Transfer Agent. A software that transfers electronic mail messages between devices using SMTP.
Mail Transfer Agent Strict Transport Security. A protocol that informs services that are sending your organisation emails that your domain supports Transport Layer Security (TLS) 1.2 or higher.
Mail User Agent. A computer application that allows you to send and retrieve emails
Mail Exchanger. A destination mail server.
A record that specifies the mail server responsible for accepting email messages on behalf of a domain name.
An organisation’s chosen field of action.
A type of social engineering attack in which an attacker, acting as a legitimate entity, tricks a victim into opening an email, instant message, or text message.
Post Office Protocol 3. An application-layer Internet standard protocol used by email clients to retrieve emails from a mail server.
A type of DNS record that resolves an IP address to a domain or hostname.
A hardware module or device used to receive signals of different kinds.
A server that receives an email to be delivered to inboxes and generates aggregate and forensic reports.
A set of XML files providing aggregate email authentication information given by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, and others to domain owners.
A set of XML files that are sent out if an email from your domain fails both the SPF and DKIM authentication protocols.
An email server through which third parties can send emails and have them forwarded to the email recipients’ email servers.
Single Sign-On. An authentication system that allows a user to log in with a single ID and password to any of several related, yet independent software systems.
A standard for public-key encryption and signing of MIME data.
Simple Mail Transfer Protocol. An internet standard communication protocol for electronic mail transmission.
An organization that sends emails on behalf of others.
An email authentication system that detects forged sender addresses while an email is being delivered.
A technique that is useful when the DNS lookup limit is reached due to an increased number of SPF mechanisms.
The act of mimicking a communication from a trusted or legitimate source.
Secure Sockets Layer. An encryption-based Internet security protocol.
The conceptual model and a set of communications and protocols used over the Internet and other networks.
Transport Layer Security. A type of protocol designed to provide communications security over a computer network.
A type of DNS record used to associate text with a host or another name.
Uniform Resource Locator. The mechanism used by browsers to find any published resource on the web.
Vendor Email Compromise. A scenario in which a cybercriminal takes over a legitimate email account of a well-known vendor to trick a business into making payment information modifications that benefit the criminal.
Wide Area Network. A connection of systems that serves the primary purpose of computer networking and spans a broad geographic area.
A mechanism that explicitly allows some specific entities to access a particular privilege or service.
A markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable.
How Does DMARC Help?
GLOBAL STATISTICS JUSTIFYING THE NEED FOR EMAIL AUTHENTICATION
DMARC has been adopted by the biggest email senders and email receivers globally. This includes Yahoo!, Google, and Microsoft, covering 85% of the consumer inboxes in the world.
The most important reason why DMARC should be used is that it gives an organisation full control on how their domain is being used. The organisation can also instruct the receivers on what actions should be taken if the incoming email is not legitimate and report the incident back to the organisation for further analysis.
It saves consumers from the trouble of identifying whether an email is legitimate or a spam. Sometimes it may happen that regardless of all the knowledge of email spoofing a receiver might fall into the trap. DMARC makes sure that this does not happen.