Skip to main content

8. Minimum Implementations

This section describes the minimum implementation requirements for different actors in the DMARC ecosystem.

A DMARC-compliant Mail Receiver MUST be able to do the following:

  1. Retrieve and interpret DMARC policy records from DNS.

  2. Evaluate DMARC policy by:

    • Performing SPF checks per [SPF].
    • Performing DKIM checks per [DKIM].
    • Evaluating Identifier Alignment as described in Section 3.1.
    • Applying the discovered DMARC policy.

  3. Send aggregate reports using the format specified in Section 7.2 to the addresses specified in the "rua" tag of the DMARC policy record.

A DMARC-compliant Mail Receiver SHOULD be able to do the following:

  1. Send failure reports as described in Section 7.3 to the addresses specified in the "ruf" tag of the DMARC policy record.

  2. Respect the "pct" tag when applying DMARC policy.

A DMARC-compliant Domain Owner MUST be able to do the following:

  1. Publish well-formed DMARC policy records in DNS as described in Section 6.

  2. Receive and process aggregate reports sent by Mail Receivers.

A DMARC-compliant Domain Owner SHOULD be able to do the following:

  1. Deploy SPF and/or DKIM for the domain.

  2. Ensure Identifier Alignment between the RFC5322.From domain and the domains authenticated by SPF and/or DKIM.

  3. Receive and process failure reports sent by Mail Receivers.

  4. Monitor reports and adjust policy based on the feedback received.

Last updated on