9 articles
DMARCbis (RFC 9989/9990/9991) replaces RFC 7489 from 2015. Learn about DNS Tree Walk, new tags, the impact for senders and receivers, and backward compatibility.
Step-by-step guide to migrate to DMARCbis (RFC 9989): audit your config, 3-phase plan to p=reject, reading RUA reports, new t= and np= tags, deployment checklist.
The most common causes ranked by impact, from DNS authentication to audience quality. A complete diagnosis to escape the spam folder.
How to detect SaaS tools sending emails from your domain without authorization: DMARC reports, unknown source identification, resolution workflow, and continuous monitoring.
Complete guide to email-related DNS records: MX, SPF, DKIM, DMARC, MTA-STS, TLS-RPT, BIMI, PTR. Each record explained with concrete examples.
How to read email headers: Received, Return-Path, Authentication-Results, ARC, DKIM-Signature. Complete guide to diagnosing deliverability issues.
Step-by-step guide to moving your DMARC policy from none to reject: recommended timeline, shadow IT pitfalls, the role of RUA reports, and a migration checklist.
Practical guide to interpreting DMARC aggregate reports: XML format, legitimate vs suspicious sources, shadow IT, and how to use the data to strengthen your policy.
Complete guide to setting up a DMARC record on your domain: syntax, policies, RUA reports and best practices.