How do I use DMARC reports to protect my domain?


#1

I don’t really understand how DMARC reports are going to help me.


#2

A domain’s DMARC policy is part of its DNS record. There are two parts to this protocol: reporting and conformance. The reporting component allows domain owners to monitor the authentication of emails (which is done by the ISPs). The conformance component allows domain owners to dictate how ISPs handle unauthenticated emails. It allows companies to control who can send email from their domains, and therefore prevent phishing on their domains. That’s why every company needs DMARC.
The DMARC policy can be set to one of three levels: “none,” “quarantine,” and “reject.” They correspond to monitoring, ‘soft-blocking,’ and rejecting emails based on authentication status.
Here’s an example:
You send email from [email protected]. You set your DMARC policy to “none,” and the setting is hosted in your DNS record. Once you have a policy, you can start monitoring your email authentication through DMARC reports.