|
Domain-based Message Authentication, Reporting and Conformance or DMARC is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain's administrators and that the email (including attachments) has not been modified during transport. It expands on two existing mechanisms, the well-known Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), coordinating their results on the alignment of the domain in the From: header field, which is often visible to end users. It allows specification of policies (the procedures for handling incoming mail based on the combined results) and provides for reporting of actions performed under those policies.DMARC is specified in RFC 7489. ==History== A group of leading organizations came together in the spring of 2011 to collaborate on a method for combating fraudulent email at Internet-scale, based on practical experience with DKIM and SPF. They aimed to enable senders to publish easily discoverable policies on unauthenticated email - and to enable receivers to provide authentication reporting to senders to improve and monitor their authentication infrastructures.〔("History" ), dmarc.org〕 The resulting DMARC specification was published on January 30, 2012, and within one year DMARC was estimated to protect 60% of the world's mailboxes. In October 2013, Mailman 2.1.16 is released with options to handle posters from domain with the DMARC policy of p=reject . In April 2014, Yahoo changed its DMARC policy to p=reject , thereby causing misbehavior in several mailing lists.A few days later, AOL also changed its DMARC policy to p=reject .In March 2015, DMARC was published as RFC 7489, “Domain-based Message Authentication, Reporting, and Conformance (DMARC)” on the Independent Submission stream 〔("Status of DMARC ), dmarc.org〕 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「DMARC」の詳細全文を読む スポンサード リンク
|