What is RFC 7489 (DMARC)?

RFC 7489 defines DMARC (Domain-based Message Authentication, Reporting, and Conformance), which ties together SPF and DKIM into a unified policy framework. DMARC tells receivers how to handle messages failing authentication and provides reporting mechanisms.

The RFC specifies DMARC record format in DNS, alignment requirements between authentication domains and From headers, policy options (none, quarantine, reject), and aggregate and forensic reporting formats.

DMARC addresses the gap where messages could pass SPF or DKIM without those domains matching the visible From address. By requiring alignment, DMARC prevents sophisticated spoofing that earlier mechanisms could not detect.