DMARC

What is DMARC?

DMARC, or Domain-based Message Authentication, Reporting, and Conformance is an email authentication protocol that can be added to the DNS. The protocol verifies whether the sender of an email that claims to be from a particular domain actually has permission to send this email. DMARC works by letting domain owners specify which email servers are authorized to send emails on their behalf and instructing receiving email servers on how to handle messages that fail this authentication. 

Example:

Let's consider a bank using DMARC. The bank adds a DMARC record to its DNS settings, which indicates that only emails from its own mail servers are legitimate. Now, if a cybercriminal tries to send a phishing email pretending to be a representative from the bank, the recipient's email provider will check the DMARC record. If the email doesn't come from an authorized server, the recipient's provider will take appropriate action, including marking the email as spam or rejecting it outright.