DMARC
Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication protocol that protects domain owners from email spoofing and impersonation attacks.
Solve your email delivery, impersonation and spoofing problems with DMARC.
Microsoft recently announced that domains sending over 5,000 daily emails to outlook.com, live.com, and hotmail.com must implement authentication protocols or face delivery to junk folders. Starting May 5, 2025, Outlook will begin directing non-compliant messages to the junk folder.
Required protocols include Domain-based Message Authentication, Reporting, and Conformance (DMARC), along with related standards Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).
These authentication measures aim to reduce spam and phishing by verifying the legitimacy of senders across major email providers.
To assess if recent email authentication changes impact your business, you need comprehensive visibility into all outgoing email from your domain.
Microsoft, Google, and Yahoo evaluate total email volume from domains, not just individual platforms. While your Google Workspace logs might show fewer than 5,000 emails, you must also account for messages sent through marketing platforms, CRMs, and other systems.
The most efficient approach is to implement a DMARC monitoring solution.
We've partnered with Sendmarc, a leading provider of DMARC implementation and management. Their platform empowers you to manage any number of domains and safeguard them against misuse and the sending of fraudulent emails. It examines the domain level and shows exactly where the email is originating from.
Once you have this complete picture, you can ensure each sending platform passes DMARC verification. These monitoring tools excel at identifying which protection mechanisms are correctly configured and where critical gaps exist that require attention.
Need to implement DMARC? Get in touch.
You are currently viewing a placeholder content from HubSpot. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationBenefits of DMARC
Improved Email Deliverability
Email providers are more likely to trust and deliver emails from domains with DMARC policies.
Reduce Phishing Attacks
Prevents cybercriminals from using your domain to send fraudulent emails.
Enhanced Visibility
Reports provide insight into all sources sending email on behalf of your domain.
Meet Compliance Requirements
Helps meet various regulatory requirements for email security.
Brand Protection
DMARC prevents unauthorised use of your brand identity in email communications.
How to Know if Your Business Is Affected by New Email Requirements
To determine whether these changes impact your business and domain, you first need a clear understanding of where all emails from your domain are being sent.
Keep in mind: Microsoft, Google, and Yahoo monitor the volume of emails coming from a domain. Even if you check your internal systems, like Google Workspace, and see fewer than 5,000 emails, that’s only part of the picture. You also need to factor in emails sent through platforms like your CRM, email marketing tools, and other third-party services.
The easiest way to get a complete view is by using a DMARC monitoring solution — such as Sendmarc. Tools like these analyse email traffic at the domain level, showing exactly where your emails are coming from.
Once you have visibility, your next step is ensuring that every sending platform passes DMARC checks. Microsoft now requires that all incoming emails align with either SPF or DKIM authentication standards. A tool like Sendmarc not only shows which protections are in place, but also highlights where gaps exist — so you can fix issues before they become a problem.
You are currently viewing a placeholder content from YouTube. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More Information
Why All Senders Should Care About the Microsoft DMARC Requirements
Microsoft’s new DMARC rules focus on high-volume senders, but the truth is every domain should have SPF, DKIM, and DMARC properly configured — no matter how many emails you send. Without these essential protections in place, your emails are far more likely to end up in your recipients’ Spam or Junk folders, even if your domain hasn’t been compromised.
Implementing SPF, DKIM, and DMARC correctly isn’t just about compliance — it’s about improving your email deliverability, protecting your brand reputation, and ensuring your communications are trusted and secure.
We make it simple. We’ll help you assess your domain’s current standing, configure all necessary sources correctly, and move your organisation toward full email protection — so your legitimate emails stay trusted and secure.
Microsoft DMARC Requirements
Domain-based Message Authentication, Reporting, and Conformance (DMARC)
DMARC builds on SPF and DKIM. It allows domain owners to specify how unauthenticated emails should be handled and provides reports that help monitor and improve email security.
The Microsoft requirements include a published DMARC record and a minimum policy of p=none.
Sender Policy Framework (SPF)
SPF helps prevent spammers from sending messages on behalf of your organisation’s domain. It does this by specifying which IP addresses are authorised to send email from a domain.
DomainKeys Indentified Mail (DKIM)
DKIM allows your business to attach a digital signature to its emails. This signature verifies that the email hasn’t been tampered with in transit and confirms it was authorised by your business’s domain.
Implement DMARC and solve your email delivery, impersonation and spoofing problems
Speak to one of our email security specialists about DMARC and protect you emails.
Contact Us
You are currently viewing a placeholder content from HubSpot. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More Information