DMARC Technical Specification


Related Specifications

The following specifications, listed alphabetically, are related to DMARC in various ways.

Authentication Failure Reporting Format (AFRF)

  • A new report sub-type extension for the Abuse Report Format (ARF) (see: RFC 5965)
  • Allows for relaying of forensic details regarding an authentication failure
  • Supports reporting of SPF and/or DKIM failures
    • For SPF, reports the client IP address and the SPF record(s) that were retrieved, producing a “fail” result
    • For DKIM, reports the canonicalized header and body that produced a failed signature, allowing forensic analysis by the signer to detect why the failure occurred
    • Also supports ADSP reporting of messages that weren’t signed but should have been
  • This will be used by DMARC sites for reporting per-message failure details.
  • An aggregate reporting format is suggested within an appendix of the DMARC specification.

DomainKeys Identified Mail (DKIM)

  • DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.
  • DMARC uses DKIM results as one method (SPF being the other) for receivers to check email.
  • More Information: DKIM.org

Sender Policy Framework (SPF)

  • SPF provides a method for validating the envelope sender domain identity that is associated with a message through path-based authentication.
  • DMARC uses SPF results as one method (DKIM being the other) for receivers to check email.
  • More Information: OpenSPF.org

 

Leave a Reply