# The Beginners Guide to DMARC: Protecting Your Brand from Phishing Scams
Have you ever received an email claiming to be from a specific brand or company, but it clearly wasn’t? Unfortunately, this is a common occurrence and can be incredibly frustrating. To prevent these types of “phishy” emails from reaching your inbox, email authentication standards have been put in place. That’s where Domain-based Message Authentication, Reporting & Conformance (DMARC) comes into play.
## What is DMARC?
DMARC is an email protocol that uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to determine the authenticity of an email. It verifies the sender of an email to ensure it is coming from where it claims to be coming from. DMARC was created to prevent phishing scams, but its complexity has made it difficult for email marketers to reach their target customers if not implemented correctly.
## DMARC Policies and Email Providers
Many email providers currently have DMARC policies in place, but Google and Microsoft are expected to update their policies sometime this year. The new policies will directly affect how marketers send emails. Under the new policies, no one other than Google will be able to send email from an @gmail.com email address, and no one other than Microsoft will be able to send email from @outlook.com, @hotmail.com, @live.com, and @msn.com email addresses. Yahoo already has a similar policy in place, and therefore only Yahoo can send email from a @yahoo.com email address.
This means that email marketers cannot use Gmail or Microsoft email addresses to send email through an email provider. All email must be sent from an owned domain. In most cases, brands own their own domains. However, for smaller brands and companies, if email is sent through a Gmail or Microsoft domain, it will no longer be delivered even if it is wanted mail. Without complying with this update, marketers may see their deliverability rates drop.
## The Benefits of Complying with DMARC Standards
Complying with DMARC standards will help marketers control their sending reputations, increase visibility into their programs while keeping mail relevant, and establish consistent policies for dealing with unauthenticated mail.
### Protect Your Brand
Publishing a DMARC record protects your brand by preventing unauthenticated parties from sending mail from your domain. In some cases, simply setting up a DMARC record can result in a positive reputation bump.
### Increase Visibility into Your Email Program
Reviewing and consuming DMARC reports increases visibility into your email program by letting you know who is sending mail from your domain. You’re able to get a better look into who is trying to act like you.
### Establish a Consistent Policy for Unauthenticated Mail
DMARC helps the email community establish a consistent policy for dealing with messages that fail to authenticate. This helps the marketing email ecosystem as a whole become more secure and more trustworthy.
## The Takeaway
While there is no confirmed date for when Google and Microsoft will be updating their policies, they have specified it will be within this year. It’s best practice to comply with DMARC regardless if you don’t already. Businesses sending email from a Gmail or Microsoft domain will need to take immediate action to begin sending from an owned domain to ensure the deliverability of their email and success of their email programs. By adhering to DMARC protocols, all brands are setting the standard for authentic email and helping customers receive the mail they want most.
In conclusion, DMARC is a crucial protocol for preventing phishing scams and ensuring the authenticity of emails. Compliance with DMARC standards will not only protect your brand but also increase visibility into your email program and establish a consistent policy for dealing with unauthenticated mail. Understanding DMARC is important for email marketers, and it’s essential to comply with its policies to ensure the success of your email programs.
