What is Dmarc, domain alignment & authentication and why do I need it ? Print

  • 33

It is important to note that by default, your domain will not be properly aligned or authenticated, someone needs to have actually done this for it to be active.

What is Domain Alignment?

Domain alignment (also called identifier alignment) is a mechanism that ensures an authenticated email domain aligns with the domain found in the 'From' header address, which represents the sender's identity.

Before you implement domain alignment, you first need to authenticate your domain. This will verify your domain and help to improve your email deliverability. 

What is email authentication?

Email authentication is a technical solution to proving that an email is not forged. In other words, it provides a way to verify that an email comes from who it claims to be from. Email authentication is most often used to block harmful or fraudulent uses of email such as phishing and spam.

In practice, we use the term “email authentication” to refer to technical standards that make this verification possible. The most commonly used email authentication standards are SPF, DKIM, and DMARC. These standards were designed to supplement SMTP, the basic protocol used to send email because SMTP does not itself include any authentication mechanisms.

What is email deliverability?

Email deliverability is the ability to deliver emails to recipients’ inboxes. It’s used to determine the chance of email messages reaching your recipients’ inboxes.


Not having a properly authenticated domain will the following issues:-

  • scammers and criminals can send out spoof emails from your domain. This includes spam, phishing emails, scam emails, malware, and more.
  • your domain will get blacklisted due to the above. If you get blacklisted by big providers such as Google or Microsoft, this can be impossible to undo.
  • damage to your reputation due to the above
  • legitimate emails from you will end up in recipients' spam folders and will not be read. If you get blacklisted, this will affect most of not all of your emails.

I do strongly suggest taking care of this, as this does affect most small businesses and even many large organizations, most of whom are oblivious to the ongoing issue.

If you want to learn more, here are some useful articles.

  • [what is DKIM](https://domainadmintools.com/what-is-dkim/)
  • [What is SPF](https://domainadmintools.com/what-is-spf-sender-policy-framework/):
  • [What is DMARC and how does it work?](https://domainadmintools.com/what-is-dmarc-and-how-does-it-work/)
  • [What is Phishing](https://domainadmintools.com/what-is-phishing/)

If you are happy to manage yourself I recommend signing up for an account with [Easydmarc](https://partners.easydmarc.com/dx5dpz66ow16) to monitor your compliance. The aggregate reports will show you how many emails are failing domain alignment checks, and the number of spoofed emails being sent from illegitimate sources so that you can deal with the issue.

Use the email testing tool to check that emails from all your valid sources (website, mailing list, CRM etc) are passing.

If you would rather have this managed for you, I do offer domain alignment and managed dmarc services, please [click here](https://drive.google.com/open?id=167W6xMxync24QZarKNz0ONArmAU5UlSe&authuser=russ%40michaels.me.uk&usp=drive_fs) for more details.
You can signup for those services [here](https://clients.michaels.me.uk/index.php?rp=/store/security).

Was this answer helpful?

« Back