Phishing attack or Email Spoofing is a growing problem for internet users. Phishers send Email messages to internet users that attempt to trick them into disclosing confidential information. Sometimes, these messages turn out to be very dangerous, if the user is not able to identify fraudulent messages and got tricked by the phishers. So, the better way to save users from phishers is to stop these messages before they reach the user mailboxes. DMARC (Domain-based Message Authentication, Reporting & Conformance) is playing a very important role in preventing Phishing attack or Email Spoofing problems.
DMARC specification is based on the two authentication policies:
- SPF (Sender Policy Framework)
- and/or DKIM (Domain Keys Identified Mail) authentication,
DKIM (Domain Keys Identified Mail) Signatures authenticates the domain name identity that is associated with the email message. This is done by cryptographic authentication. Encrypted key is used to sign the message and a public key is added as a DNS record to the domain indicated in the DKIM signature. A domain-level identifier is added in the content of the "d=" tag of a validated signature.
Before DMARC, there was no hard and fast rule that what ISPs need to do with non-authenticated messages. All non-authenticated emails were not rejected as a result of that many were allowed to reach the inbox.
But now, by using DMARC policy senders instruct Internet Service Providers (ISPs) to handle fraudulent and non-authenticated messages. When a message cannot be authenticated or can be authenticated, but does not pass the DMARC “test” then, email receivers sends a reports to the sender about the sent messages. ISPs then, deliver messages that can be successfully authenticated and pass the “DMARC test”, other messages are rejected before reaching user mailboxes.
Benefit of using DMARC:
With the use of this policy, non-authorized entity cannot send messages that spoof the company’s main domain. If someone who is not the legitimate owner of the domain“myCompany.com”, will try to deliver messages from “alerts@myCompany.com” then, the sent messages will be rejected automatically before being delivered to user.
In this way brands are protected from spoofing or phishing as the email messages sent by someone who tried to spoof the company’s main domain will never reach their customers. Thus, DMARC helps companies to fight against the hi-jacking/spoofing of their identity.