The number of valid DMARC policies observed in the DNS increased by 28% over the first half of 2021, to a total of 3.46 million, based on analysis of data supplied by Farsight Security. This was double the growth rate during the same period in 2020, when roughly 330,000 new records reflected a 17% increase from the end of 2019.

The graph below shows the number of valid DMARC records from the Farsight dataset that were confirmed to still be published and valid at the middle and end of each calendar year.

Valid DMARC Records at 6 Month Intervals

The average number of new records each month was roughly 162,500, but this reflects a very large (400k) increase in June 2021. Excluding June, the average increase was roughly 114,500 per month. If the second half of 2021 follows that lower average, the expected increase year-over-year would be 53%, or roughly 1.4MM records added by the end of 2021. More graphs and statistics, including the mix of DMARC policies published, are available on the DMARC Adoption and Policies page.

DMARC.org uses DNS transaction data supplied by Farsight Security that includes anonymized requests for DMARC records, and the corresponding responses, captured by their sensors at various strategic points on the Internet. DMARC.org weeds out invalid and malformed DMARC records, and makes sure the remaining records are still being served by looking them up in DNS.

Since this validation is performed in the month following the end of the quarter in which the data was captured, the result is a reasonable point-in-time figure for the portion of the Internet covered by Farsight’s sensors. It is unlikely to include all DMARC records published or in use on the Internet, but it is a stable subset that provides a useful picture of adoption and usage over time.

DMARC.org thanks Farsight Security for making this data available for research purposes.