Skip to main content

Using DMARC
draft-crocker-dmarc-bcp-03

Document Type Expired Internet-Draft (individual)
Author Dave Crocker
Last updated 2014-05-09 (Latest revision 2013-11-05)
Stream (None)
Formats
Expired & archived
plain text xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-crocker-dmarc-bcp-03.txt

Abstract

Email abuse often relies on unauthorized use of a domain name, such as one belonging to a well-known company (brand). SPF and DKIM provide basic domain name authentication methods for email. A recent industry effort built an additional authentication-based layer, called Domain-based Message Authentication, Reporting & Conformance (DMARC). It allows a sender to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes; it also provides a reporting mechanism, from receivers back to domain owners. Such capabilities over the public Internet are unusual and their use is not yet well-understood. This document formulates a set of best practices for the use of DMARC.

Authors

Dave Crocker

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)