The DMARC (Domain-based Message Authentication, Reporting and Conformance) authentication protocol is built on two known and existing mechanisms, which are used to associate an email with a pre-defined domain. Both of the mechanisms rely on the ability to authenticate identities using DNS information, which is highly reliable and almost impossible for a threat actor to manipulate.
DMARC utilizes both SPF and DKIM by stating and publishing a clear behavioral policy for the
receiving mail servers to check and use. The DMARC protocol also contains an address, which is used to send the events and forensic reports it creates to the legitimate domain admins.
Based on DMARC, CyberInt developed a cloud-based platform that allows businesses to validate, detect and prevent email spoofing. It allows the enterprise to easily identify email senders not complying with the configured rules, and provides the ability to control the email’s delivery.