Each year since the DMARC protocol was first announced, more and more companies have found that it can help them monitor and protect email using their domains. Here are some notable companies or brands that began doing so in 2015, according to data provided by DMARC.org sponsor Farsight Security.

  1. Aflac (insurance)
  2. American Express (finance) †
  3. Apple Music (entertainment) †
  4. Blogspot (social media)
  5. Blue Shield of California (insurance)
  6. Computer Associates (computer software)
  7. Costco (retail)
  8. DHL (shipping) †
  9. Duke Energy (utility)
  10. Equinox (fitness)
  11. Expedia.com (travel)
  12. Federal Trade Commission, U.S. (government) †
  13. The Gap (apparel)
  14. Glaxo Smith Kline (pharmaceuticals)
  15. H&M (retail)
  16. Kickstarter (crowdsourcing) †
  17. Kroger (supermarkets)
  18. Old Navy (retail)
  19. Southwest Airlines (transportation)
  20. Uber (transportation) †
  21. Wachovia (finance) †
  22. Walmart (retail)
  23. Whirlpool (appliances)
  24. Wikipedia (social media)
  25. Wix (web/domain hosting) †

Readers can also check a longer list of Who is Using DMARC? that is not restricted to 2015. And this blog post tells you how to check to see if a given email sender is using DMARC.

Companies listed above with a † shown have set a strong DMARC policy requesting that no fraudulent messages be delivered to the inbox. Companies without this character shown are collecting reports about messages using their domain, fraudulent and legitimate, and may move to a strong DMARC policy after ensuring all their legitimate messages are passing authentication checks.