DMARC is based on the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) technologies. DMARC can be used to determine how a recipient should deal with a mail that does not match the sender's DKIM or SPF settings. In addition, the recipient can send reports to the sender for evaluation. In this way, it is possible to find out which unauthorized systems are sending e-mails under your own domain (for example, for phishing).
Since DKIM and SPF are prerequisites for DMARC, here are two more articles on the subject:
Setting up DMARC is very simple: just create a TXT record in the DNS that contains the corresponding DMARC settings. The e-mail address for the reports is also specified in this TXT record.
Here, for example, is the DMARC entry for frankysweb.de:
v=DMARC1; p=quarantine; pct=100; rua=mailto:re+v7oerrqch2y@dmarc.postmarkapp.com,mailto:postmaster@frankysweb.de; ruf=mailto:postmaster@frankysweb.de; sp=none; aspf=r; adkim=r;
The MXToolbox page also provides an explanation of the configured options:
Source: MXToolbox DMARC Record Lookup
As mentioned above, reports are also sent to the configured e-mail addresses (RUA = address for aggregated reports, RUF = address for forensic reports). The reports are usually packed and sent in XML format (an example of a report in XML format can be found at the end of the article).
So that not every report has to be evaluated manually, there are a number of providers that can be specified as RUA recipients for the domain and prepare the reports accordingly.
One of the free providers is Postmark. If Postmark is configured as an RUA recipient, you will receive a summarized DMARC report once a week. The information is not very detailed, but it's not bad for getting started and identifying problems. In addition, you can also have the DMARC reports sent to your own address, so that you can investigate in more detail if necessary.
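For investigating the XML reports delivered to your own address, the following added example (not part of the original article) lists the sending IPs whose mail failed both DKIM and SPF in an aggregate report. It assumes the report is already unpacked and follows the RFC 7489 aggregate schema; the sample report, the function name summarize and all addresses are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample aggregate report (RFC 7489 layout); the IPs are
# documentation addresses and example.org is a placeholder domain.
SAMPLE_REPORT = """<feedback>
  <report_metadata><org_name>receiver.example</org_name></report_metadata>
  <policy_published><domain>example.org</domain><p>quarantine</p></policy_published>
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>42</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>example.org</header_from></identifiers>
  </record>
  <record>
    <row><source_ip>198.51.100.7</source_ip><count>5</count>
      <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>example.org</header_from></identifiers>
  </record>
  <record>
    <row><source_ip>203.0.113.25</source_ip><count>3</count>
      <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>example.org</header_from></identifiers>
  </record>
</feedback>"""


def summarize(report_xml):
    """Return (org, domain, failing); failing maps source IP -> message count
    for rows where neither DKIM nor SPF gave an aligned pass (DMARC fail)."""
    # Reports come from third parties: for real input use a hardened parser (e.g. defusedxml).
    root = ET.fromstring(report_xml)
    org = root.findtext("report_metadata/org_name", default="?")
    domain = root.findtext("policy_published/domain", default="?")
    failing = Counter()
    for row in root.iter("row"):
        dkim = row.findtext("policy_evaluated/dkim", default="fail")
        spf = row.findtext("policy_evaluated/spf", default="fail")
        # DMARC passes as soon as one of the two mechanisms passes with alignment.
        if dkim != "pass" and spf != "pass":
            failing[row.findtext("source_ip", default="?")] += int(row.findtext("count", default="0"))
    return org, domain, dict(failing)


if __name__ == "__main__":
    org, domain, failing = summarize(SAMPLE_REPORT)
    print(f"Report from {org} for {domain}")
    for ip, count in sorted(failing.items(), key=lambda kv: -kv[1]):
        print(f"  {ip}: {count} message(s) failed both DKIM and SPF")
```

A source that fails only one of the two checks (203.0.113.25 in the sample) still passes DMARC and is not listed, but it often indicates a legitimate system with an incomplete SPF or DKIM setup.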
If you would like to try out Postmark and the free DMARC reports, you can register here:
I have done the registration once; you only have to enter the domain and your own e-mail address for the Postmark reports:
Postmark must then be added as an RUA recipient in the DMARC TXT record; Postmark also provides an example of the DMARC record:
I have adapted the DMARC record slightly (see above) so that I also receive the RUA reports in XML format. Postmark then sends a confirmation email to the address and the reporting is active:
Every Monday, Postmark then sends a prepared DMARC report for the previous week. Here is an example of a report:
It looks a bit prettier than the raw XML data:
If you want even more detail, you can use DMARCAnalyzer, for example. However, DMARCAnalyzer is subject to a charge:
Update: Stefan has pointed out to me that the RUF entry is not in line with the GDPR. I have therefore removed the RUF entry from my DMARC record. Here is a PDF with an expert opinion on the GDPR and DMARC:
Many thanks to Stefan for the tip!