Skip to main content

Domain-based Message Authentication, Reporting and Conformance (DMARC)

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft that was ultimately published as RFC 7489.
Expired & archived
Authors Murray Kucherawy , Elizabeth Zwicky
Last updated 2014-10-04 (Latest revision 2014-04-02)
RFC stream Independent Submission
IETF conflict review conflict-review-kucherawy-dmarc-base, conflict-review-kucherawy-dmarc-base, conflict-review-kucherawy-dmarc-base, conflict-review-kucherawy-dmarc-base, conflict-review-kucherawy-dmarc-base, conflict-review-kucherawy-dmarc-base
Stream ISE state In ISE Review
Awaiting Reviews
Consensus boilerplate Unknown
Document shepherd (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This memo presents a proposal for a scalable mechanism by which a mail sending organization can express, using the Domain Name System, domain-level policies and preferences for message validation, disposition, and reporting, and a mail receiving organization can use those policies and preferences to improve mail handling. The email ecosystem currently lacks a cohesive mechanism through which email senders and receivers can make use of multiple authentication protocols to establish reliable domain identifiers, communicate policies about those identifiers, and report about mail using those identifiers. This lack of cohesion has several effects: receivers have difficulty providing feedback to senders about authentication, senders therefore have difficulty evaluating their authentication deployments, and as a result neither is able to make effective use of existing authentication technology. The enclosed proposal is not intended to introduce mechanisms that provide elevated delivery privilege of authenticated email. The proposal presents a mechanism for policy distribution that enables a continuum of increasingly strict handling of messages that fail multiple authentication checks, from no action, through altered delivery, up to message rejection.


Murray Kucherawy
Elizabeth Zwicky

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)