Email remains the backbone of business communication - and one of the biggest attack vectors. Phishing, spoofing, and Business Email Compromise (BEC) cause billions in damages each year. There’s a well-defined flow that secures email: the DMARC Flow.
The Starting Point: Sender and SPF
SPF specifies which mail servers are authorized to send on behalf of your domain. Receivers compare the connecting IP against this policy; if the IP isn’t authorized, the SPF check fails.
The Signature: DKIM
DKIM signs outgoing messages with a cryptographic signature. Receivers verify the signature using your public key in DNS to confirm that the message wasn’t altered and is genuinely tied to your domain.
The Decision: DMARC
DMARC ties the SPF and DKIM results to your domain through alignment (the authenticated domain must match the domain in the visible From address) and instructs receivers what to do when checks fail:
- none - deliver (monitoring mode)
- quarantine
- reject
DMARC also generates aggregate (RUA) and forensic (RUF) reports, giving you visibility into who sends on your behalf and how they authenticate.
The Flow as a Whole
- Sender publishes SPF, DKIM and DMARC policies.
- Recipient validates incoming mail against these policies.
- Reports flow back to the sender → you iterate and improve.
Why the DMARC Flow Matters
- Brand Protection: Blocks phishing using your domain.
- Trust: Recipients gain confidence your emails are authentic.
- Compliance: Insurers/regulators increasingly expect DMARC enforcement.