What is not to like about a technology that is simple, trusted, free and adds a very important layer of email protection to your organisation, and is mandated by UK and US governments?

It is FREE and helps protects your business, your customer’s business and your supplier’s business from email borne threats

Excellent Cisco video introduction to DMARC - 3 mins


  • Helps protect against email phishing attacks, business email compromise or ‘whaling’ and domain spoofing
  • Reduces SPAM
  • Improves deliverability of emails
  • Protects your businesses reputation
  • Free


CEO/CFO Fraud or 'Whaling'

One of the most common business email compromise scams is widely known as ‘whaling’ or CEO/CFO fraud. In this scam the ‘bad actor’ tries to make the receiver believe an email, requesting urgent money or information transfer, is from your CEO/CFO by spoofing the domain or other techniques. DMARC will prevent the email getting anywhere near the inbox and thus reducing the chance of becoming the victim of fraud.

Perhaps the bad actor tries to send an email seeking invoice payment with a fake invoice, or a real invoice with the bank details changed. They try and make it look like it is from your organisation – but with DMARC this email would never get to the inbox thus preventing payment to the wrong account.

To learn more about DMARC and to find out if you already have DMARC enabled use this form to contact us or continuing reading....

Please fill the required field.
Please fill the required field.
Please fill the required field.

Is DMARC really free?

Yes, in that the technology is available for all however set up is not a simple walk in the park and using non-IT skilled persons is not ideal. There are setup guides which will assist but I still recommend using skilled resource.

So, if implemented yourself then it really is free.

We typically charge half a day consultancy for setup. Contact us for more details.

DMARC is only the first line and like all things free is a baseline and good starting point. It is highly recommended more sophisticated email security solutions are also implemented.

What is DMARC?

Domain-based Message Authentication, Reporting and Conformance is an authentication tool that uses SPF and/or DKIM. It allows the sender to specify if messages are protected by SPF and DKIM, enabling the receiver to check, verify and accept, or reject, these valid emails. DMARC is setup within the DNS record for the domain.

As mentioned, it is a requirement to setup SPF and/or DKIM so that DMARC can validate against these parameters.

Sender Policy Framework (SPF)

If your email is hosted, as is often the case, then it is likely several servers will potentially be involved in sending that email rather than a single email server on your site working from a single IP address. SPF allows companies to define which servers are allowed to send emails on their behalf. Therefore, if an email purporting to be from your domain fails an SPF check then it is blocked.



DomainKeys Identified Mail (DKIM)

DKIM provides a digital signature or cryptographic verifier that is added to the outgoing email to prove the email originated the specified and trusted source.




IT consulting, services and supply. 35 years experience in IT including running IT department, procurement, marketing and technical sales. Our core philosophy is one of honesty and integrity. We only have engineers, no wide boys and everyone is focussed on doing the right thing for the customer.


  Amalfi Technology Consulting Ltd
25 Watchetts Drive, Camberley. GU15 2PQ

  01276 786102