Mitigating DMARC damage to third party mail: Difference between revisions

From ASRG
Jump to navigationJump to search
(Created page with "[http://www.dmarc.org DMARC] is an anti-phishing technology. It has recently been repurposed by large mail providers to mitigate the damage from security breaches involving th...")
(No difference)

Revision as of 23:18, 31 May 2014

DMARC is an anti-phishing technology. It has recently been repurposed by large mail providers to mitigate the damage from security breaches involving theft of user information including theft of user address books.

DMARC alignment requires that the From: line address in a mail message match either a DKIM signature d= domain, or an SPF-validated bounce address domain. Unaligned mail may be quarantined, i.e. relegated to the spam folder or rejected by recipient systems. Mailing lists and other software that send legitimate but unaligned mail often find that mail rejected. Problems include recipients not getting the mail they want, and in some cases the normal list bounce processing removes the recipients from lists.