DMARC Technical Specification
- Current Version: (Updated on February 5, 2015)
- Previous Versions: (Historical Reference Only)
The following specifications, listed alphabetically, are related to DMARC in various ways.
- A new report sub-type extension for the Abuse Report Format (ARF) (see: RFC 5965)
- Allows for relaying of forensic details regarding an authentication failure
- Supports reporting of SPF and/or DKIM failures
- For SPF, reports the client IP address and the SPF record(s) that were retrieved, producing a “fail” result
- For DKIM, reports the canonicalized header and body that produced a failed signature, allowing forensic analysis by the signer to detect why the failure occurred
- Also supports ADSP reporting of messages that weren’t signed but should have been
- This will be used by DMARC sites for reporting per-message failure details.
- An aggregate reporting format is suggested within an appendix of the DMARC specification.
- DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.
- DMARC uses DKIM results as one method (SPF being the other) for receivers to check email.
- More Information: DKIM.org
- SPF provides a method for validating the envelope sender domain identity that is associated with a message through path-based authentication.
- DMARC uses SPF results as one method (DKIM being the other) for receivers to check email.
- More Information: OpenSPF.org