Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a sender email authentication mechanism that provides protection against phishing attacks, and improves spam accuracy by blocking spam in spoofed messages. This feature is available using the Cloud Protection Layer (CPL) with your Barracuda Email Security Gateway and requires contacting Barracuda Networks Technical Support to enable.
Domain-Based Message Authentication, Reporting, and Conformance
DMARC is built on top of the email authentication mechanisms Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM); you must have both an SPF and a DKIM record published for the domain to set DMARC policies. For more information about SPF and DKIM, see Sender Authentication.
Specify DMARC policy settings on the Inbound Settings > Sender Authentication page in the CPL web interface:
- Enable DMARC – When set to Yes, DMARC enables a sending domain to specify policy for messages that fail DKIM or SPF. When set to No, the Barracuda Email Security Gateway does not run DMARC checks for inbound messages and the SPF and DKIM policy settings are used to verify the IP address range and sending domain.
Additionally, you can select to exempt specific domains from DMARC verification.