Domain-based Message Authentication, Reporting, and Conformance (DMARC), March 2015
- File formats:
- Updated by:
- RFC 8553, RFC 8616
- M. Kucherawy, Ed.
E. Zwicky, Ed.
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a scalable mechanism by which a mail-originating organization can express domain-level policies and preferences for message validation, disposition, and reporting, that a mail-receiving organization can use to improve mail handling.
Originators of Internet Mail need to be able to associate reliable and authenticated domain identifiers with messages, communicate policies about messages that use those identifiers, and report about mail using those identifiers. These abilities have several benefits: Receivers can provide feedback to Domain Owners about the use of their domains; this feedback can provide valuable insight about the management of internal operations and the presence of external domain name abuse.
DMARC does not produce or encourage elevated delivery privilege of authenticated email. DMARC is a mechanism for policy distribution that enables increasingly strict handling of messages that fail authentication checks, ranging from no action, through altered delivery, up to message rejection.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.