Introduction to DMARC

What is DMARC?

DMARC is short for Domain-based Message Authentication, Reporting & Conformance. It is a method for checking whether an email was actually sent by a source that the claimed domain authorizes. It builds on the widely deployed SPF and DKIM protocols and adds two things: a domain alignment check (the domain that SPF or DKIM authenticated must match the domain in the visible From: header, either exactly or at the organizational-domain level) and reporting, so that a domain owner can see whether the domain is being used in phishing attacks.
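To make the alignment check concrete, here is an added example (not code from the original article or from dmarc.org): a minimal evaluator that takes the SPF and DKIM results a receiver already has, parses a DMARC TXT record, applies strict or relaxed alignment against the From: domain, and returns the verdict and disposition. The sample records and authentication results are constructed for illustration, and the organizational-domain logic is a simplification (last two DNS labels) where a real receiver would consult the Public Suffix List.

```python
# Added example (not from the original article or dmarc.org): a minimal
# DMARC alignment and policy evaluator, showing what the "domain alignment"
# check adds on top of raw SPF and DKIM results.
#
# Assumption: the organizational domain is approximated as the last two DNS
# labels. A real receiver uses the Public Suffix List (e.g. for "co.uk").
from dataclasses import dataclass
from typing import Optional


def parse_dmarc_record(txt: str) -> dict:
    """Parse a DMARC TXT record such as 'v=DMARC1; p=reject; adkim=s'."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed DMARC tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record: missing v=DMARC1")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("DMARC record needs p=none|quarantine|reject")
    # Relaxed alignment is the default for both identifiers.
    tags.setdefault("adkim", "r")
    tags.setdefault("aspf", "r")
    return tags


def org_domain(domain: str) -> str:
    """Simplified organizational domain (assumption: last two labels)."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_aligned(from_domain: str, auth_domain: Optional[str], mode: str) -> bool:
    """Identifier alignment: 's' strict = exact domain match,
    'r' relaxed = same organizational domain. No auth domain -> not aligned."""
    if not auth_domain:
        return False
    a, b = from_domain.lower().rstrip("."), auth_domain.lower().rstrip(".")
    if mode == "s":
        return a == b
    return org_domain(a) == org_domain(b)


@dataclass
class AuthResults:
    """Inputs a receiver already has after running SPF and DKIM."""
    from_domain: str                   # domain of the RFC5322.From header
    spf_pass: bool = False
    spf_domain: Optional[str] = None   # RFC5321.MailFrom domain SPF checked
    dkim_pass: bool = False
    dkim_domain: Optional[str] = None  # d= of a DKIM signature that verified


def evaluate_dmarc(results: AuthResults, record_txt: str) -> dict:
    """DMARC passes if SPF *or* DKIM passes AND that identifier is aligned."""
    rec = parse_dmarc_record(record_txt)
    spf_aligned = results.spf_pass and is_aligned(
        results.from_domain, results.spf_domain, rec["aspf"])
    dkim_aligned = results.dkim_pass and is_aligned(
        results.from_domain, results.dkim_domain, rec["adkim"])
    passed = spf_aligned or dkim_aligned
    return {
        "spf_aligned": spf_aligned,
        "dkim_aligned": dkim_aligned,
        "dmarc": "pass" if passed else "fail",
        # The published policy only applies to messages that fail DMARC.
        "disposition": "none" if passed else rec["p"],
    }


# Constructed sample data (not real DNS records or real mail).
RECORD_RELAXED = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"
RECORD_STRICT = "v=DMARC1; p=quarantine; adkim=s; aspf=s"

# 1. A phish: the attacker controls phish-sender.net, so SPF passes for their
#    own MAIL FROM domain, but it is not aligned with the spoofed From: domain.
SPOOFED = AuthResults(from_domain="example.com",
                      spf_pass=True, spf_domain="phish-sender.net")

# 2. Legitimate mail via a third-party bulk sender: SPF passes only for the
#    sender's bounce domain, but a DKIM signature with d=example.com aligns.
THIRD_PARTY = AuthResults(from_domain="example.com",
                          spf_pass=True, spf_domain="bounces.mailer.net",
                          dkim_pass=True, dkim_domain="example.com")

# 3. Signed by a subdomain: aligned under relaxed mode, not under strict.
SUBDOMAIN_SIGNED = AuthResults(from_domain="example.com",
                               dkim_pass=True, dkim_domain="news.example.com")

if __name__ == "__main__":
    for name, res, rec in [("spoofed", SPOOFED, RECORD_RELAXED),
                           ("third-party", THIRD_PARTY, RECORD_RELAXED),
                           ("subdomain/relaxed", SUBDOMAIN_SIGNED, RECORD_RELAXED),
                           ("subdomain/strict", SUBDOMAIN_SIGNED, RECORD_STRICT)]:
        print(f"{name:18} -> {evaluate_dmarc(res, rec)}")
```

The first case is the point of alignment: SPF alone says "pass" because the attacker's own bounce domain is authorized to send, yet DMARC still fails and the published p=reject applies. In practice a receiver fetches the record with a TXT query for `_dmarc.<From-domain>` (for example `dig TXT _dmarc.example.com`), and the rua= address is where the aggregate reports the article mentions are sent.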

Here is the overview diagram from dmarc.org:
[Figure: DMARC overview diagram from dmarc.org; image not reproduced here]

Why is DMARC important?

Here is how dmarc.org puts it:

With the rise of the social internet and the ubiquity of e-commerce, spammers and phishers have a tremendous financial incentive to compromise user accounts, enabling theft of passwords, bank accounts, credit cards, and more. Email is easy to spoof and criminals have found spoofing to be a proven way to exploit user trust of well-known brands. Simply inserting the logo of a well known brand into an email gives it instant legitimacy with many users.

Users can’t tell a real message from a fake one, and large mailbox providers have to make very difficult (and frequently incorrect) choices about which messages to deliver and which ones might harm users. Senders remain largely unaware of problems with their authentication practices because there’s no scalable way for them to indicate they want feedback and where it should be sent. Those attempting new SPF and DKIM deployment proceed very slowly and cautiously because the lack of feedback also means they have no good way to monitor progress and debug problems.

This article is a translation of Getting Started With DMARC, made with the author's permission.

Reposted from: https://blog.51cto.com/14319851/2390619