Mitigating DMARC damage to third party mail

From ASRG
Revision as of 22:18, 31 May 2014 by Jrlevine (talk | contribs) (Created page with "[http://www.dmarc.org DMARC] is an anti-phishing technology. It has recently been repurposed by large mail providers to mitigate the damage from security breaches involving th...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

DMARC is an anti-phishing technology. It has recently been repurposed by large mail providers to mitigate the damage from security breaches involving theft of user information including theft of user address books.

DMARC alignment requires that the From: line address in a mail message match either a DKIM signature d= domain, or an SPF-validated bounce address domain. Unaligned mail may be quarantined, i.e. relegated to the spam folder or rejected by recipient systems. Mailing lists and other software that send legitimate but unaligned mail often find that mail rejected. Problems include recipients not getting the mail they want, and in some cases the normal list bounce processing removes the recipients from lists.