RFC 9989 - Domain-Based Message Authentication, Reporting, and Conformance (DMARC)
- Status: Proposed Standard
- Published: May 2026
- Stream: IETF
- Obsoletes: RFC 7489, RFC 9091
Abstract
This document describes the Domain-based Message Authentication, Reporting, and Conformance (DMARC) protocol. DMARC lets an Author Domain owner validate domain use, publish handling preferences for failed validation, and request reports. This document obsoletes RFC 7489 and RFC 9091.
DMARC Document Set
- RFC 9989 - DMARC
- RFC 9990 - DMARC Aggregate Reporting
- RFC 9991 - DMARC Failure Reporting
- RFC 7489 - Original DMARC specification
Contents
- 1. Introduction
- 2. Requirements
- 3. Terminology and Definitions
- 4. Overview and Key Concepts
- 5. DMARC Participation
- 6. DMARC Feedback
- 7. Other Topics
- 8. Conformance Requirements for Full DMARC Participation
- 9. IANA Considerations
- 10. Privacy Considerations
- 11. Security Considerations
- 12. References
- Appendix A. Technology Considerations
- Appendix B. Examples
- Appendix C. Changes from RFC 7489
- Acknowledgements and Authors' Addresses
Related Resources
- Official Text: RFC 9989
- Official Page: RFC 9989 DataTracker
- Errata: RFC Editor Errata