Building on efforts begun in 2010, a group of leading organizations came together in the spring of 2011 to collaborate on a method for combating fraudulent email at Internet-scale. The mission was two-fold:
- Enable senders to publish easily discoverable policies on unauthenticated email
- Enable receivers to provide authentication reporting to senders so that they can improve and monitor their authentication infrastructure
Their common goal was to develop an operational specification, with the desire that it would be able to achieve formal standards status. The concept behind DMARC was based on practical experience during loose collaborations between some of the founding senders and receivers who agreed on how to interpret mail coming from domains supporting DKIM and SPF.
The resulting DMARC specification was published on January 30, 2012 and subsequently publicly circulated as an Internet Draft on March 31, 2013. As of April 2, 2014 it was switched to the Independent Submissions track.
The founding contributors included:
- Receivers: AOL, Comcast, GMail, Hotmail, Netease, Yahoo! Mail
- Senders: American Greetings, Bank of America, Facebook, Fidelity, JPMorgan Chase & Co., LinkedIn, PayPal
- Intermediaries & Vendors: Agari, Cloudmark, ReturnPath, Trusted Domain Project
Industry liaisons during development of the specification included: