DMARC

最後更新: 2018-06-05

介紹

 

DMARC (Domain-based Message Authentication Reporting and Conformance)

Provide authentication reporting

Apply sender policies at the receiving end

In order to get started with DMARC, the sending domain needs to have an SPF and DKIM record published.

Gmail, Yahoo, Hotmail 等

Checking flow

Mail -> Public IP Base spam filter -> DKIM -> SPF

 


Domain

 

_dmarc.<您的網域>

 

Example

 

# In this scenario, the sender defines the policy as such that
# the receiver outright rejects all non-aligned messages and
# sends a report about the rejections to a specific email address.
# Default 100%

"v=DMARC1; p=reject; pct=100; rua=mailto:postmaster@your_domain.com" 

# none - Take no action. Only log the affected messages in the daily report.

"v=DMARC1; p=none; rua=mailto:postmaster@your_domain.com"

v     required    Protocol Version                      v=DMARC1
p     required    Protocol for Domain                   p=quarantine
rua   optional    Reporting UTIof aggregate report      rua=mailto:postmstr@domain.com
aspf  optional    Alignment mode for spf                aspf=r
pct   optional    % of message subjected to filtering   pct=20

aspf

There are two possible values being presented, relaxed “r” or strict “s”.

Relaxed allows for partial matches such as subdomains while strict requires an exact match.

none: 原則為無, 也就是假如信件沒法通過 SPF & DKIM 檢查也讓它通過

quarantine: 原則為隔離, 也就是假如信件沒法通過 SPF & DKIM 檢查, 把它隔離(放到垃圾信匣)

reject: 原則為拒絕, 也就是假如信件沒法通過 SPF & DKIM 檢查, 把它拒絕(直接丟棄或拒連)

mailto

The daily reports are sent in XML format.

They provide feedback informing you of the sending source IP addresses that have been sending out on your domain’s behalf. 

This helps in determining which sources are valid or not.

As a result, this assists in more effective deployment of your SPF and DKIM records.

deployment

When you are ready to complete the DMARC deployment,

remove the percentages from your policies so that the full action of “quarantine” and “reject” is now functioning at 100%.

 


 

 

 

 

Creative Commons license icon Creative Commons license icon