DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, also known as email spoofing. A DMARC record is a type of DNS (Domain Name System) record that is published by a domain owner and specifies how email receivers should handle emails that fail SPF (Sender Policy Framework) and/or DKIM (DomainKeys Identified Mail) authentication checks.
The DMARC record provides the email receiver with information about what to do when an incoming email fails SPF or DKIM checks. For example, it can specify that the email should be rejected, quarantined, or accepted, based on the domain owner's preference. Additionally, the DMARC record can also provide information on where to send aggregate reports on the email handling, so that domain owners can monitor the email handling of their domain.
Having a DMARC record helps to protect against email spoofing, which can be used for phishing scams and other malicious purposes. By publishing a DMARC record, domain owners can indicate to email receivers which emails are authorized to be sent from their domain, and what actions should be taken with emails that fail authentication checks.
