Glossary

DMARC

Q: What does DMARC mean in cybersecurity?

DMARC is a security term used to describe part of an organisation's external risk, exposure, or vulnerability management process.

Q: Why does DMARC matter for external attack surface monitoring?

It matters because attackers evaluate internet-facing assets continuously, and unmanaged exposure can become an exploitable path into customer data, infrastructure, or business operations.

Q: How does VeilScan help with DMARC?

VeilScan discovers public assets, checks them for verified issues, prioritises findings by business impact, and produces reports that explain remediation clearly.

Domain-based Message Authentication, Reporting, and Conformance

Quick Answer: DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a DNS TXT record at _dmarc.yourdomain.com that tells receiving mail servers what to do with email from your domain that fails SPF or DKIM authentication. A policy of p=reject instructs receiving servers to reject spoofed email. A missing DMARC record or a p=none policy provides no protection against spoofing.

What are the DMARC policy options?

p=none — monitoring mode only. No action is taken on failing email. Reports are sent to the specified email address but spoofed email is still delivered. Provides zero protection against phishing.
p=quarantine — email that fails DMARC is moved to the recipient's spam or quarantine folder. Partial protection — the email is still delivered, just not to the inbox.
p=reject — email that fails DMARC is rejected entirely by the receiving mail server. The email is never delivered. Full protection against domain spoofing.

Why does missing DMARC matter for your business?

Without a DMARC p=reject or p=quarantine policy, an attacker can send email that appears to come from @yourcompany.com to your customers, partners, or employees. These spoofed emails are delivered to inboxes with your domain name in the From: field — making them highly convincing phishing messages.

Email spoofing enables: phishing attacks against your customers requesting payment or credential entry, business email compromise (BEC) attacks impersonating executives, and supplier fraud by impersonating your company in financial transactions.

How is DMARC configured?

Add a DNS TXT record at _dmarc.yourdomain.com with a value like: v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com. Before enforcing p=reject, start with p=none and monitor reports to identify all legitimate email sources. Once SPF and DKIM are configured for all legitimate senders, graduate to p=quarantine then p=reject.

What are common questions about DMARC?

What does DMARC mean in cybersecurity?

DMARC describes a security concept that affects how teams understand, monitor, and reduce external exposure across internet-facing assets.

Why does DMARC matter for external attack surface monitoring?

It matters because attackers continuously inspect public assets. Tracking this concept helps teams reduce exploitable exposure before it becomes a breach path.

How does VeilScan help with DMARC?

VeilScan discovers public assets, validates findings with proof, prioritises issues by business impact, and explains remediation in reports built for engineering and leadership.

What related terms should you read next?

Check your DMARC policy. VeilScan's free scan includes SPF, DKIM, and DMARC checks for your domain. Start your free scan → · Back to glossary