What is DMARC and How does it work?
DMARC (Domain-based Message Authentication Reporting and Conformance) is an email authentication protocol that was created with the objective of securing business domains and brands from spoofing attacks. An attacker can pretend to be your company in order to send phishing email to your customers, business partners, and employees.
The goal of DMARC is to build on this system of senders and receivers collaborating to improve mail authentication practices of senders and enable receivers to reject unauthenticated messages. DMARC is built on two technologies: SPF (Sender Policy Framework), and DKIM (DomainKeys Identified Mail).
In order for a message to be DMARC-approved, it has to pass either SPF or DKIM authentication. If an email fails both, the server checks your DMARC policy to see what to do next. Your policy can be set in your DMARC record to one of 3 options: