Why DMARC matters

DMARC is a visible mail posture signal that helps domain owners publish how receiving systems should treat email that does not pass expected authentication checks.


Direct answer

DMARC helps a domain owner publish instructions for how receiving mail systems should handle email that claims to come from their domain but does not pass expected authentication checks.

Plain-language explanation

Email can claim to come from a domain. DMARC helps the domain owner publish a public policy that tells receiving mail systems what to do when a message does not align with expected authentication results.

In plain terms, DMARC lets a domain say: if a message does not look properly authorised, here is how I want receiving systems to treat it.

DMARC works with related email authentication signals, commonly SPF and DKIM. SPF helps identify authorised sending paths. DKIM helps identify valid domain signatures. DMARC adds a policy and alignment layer that receiving systems can use when evaluating mail that claims to use the domain.

Why it matters

DMARC matters because email remains closely tied to organisational identity, communications trust and brand recognition.

A visible DMARC record can show that a domain has published a public mail authentication policy. Changes in DMARC visibility can also help governance, technology and communications teams notice when public mail posture has shifted.

However, DMARC presence alone does not prove that mail controls are complete, well tuned or fully effective. It is one public signal in a broader mail posture picture.

What .auDO observes

  • whether a DMARC record is visible for an observed domain
  • MX records
  • SPF records
  • TXT records
  • inferred email provider context
  • repeated changes in visible mail posture

What it can tell us

  • whether a public DMARC record was visible at collection time
  • whether DMARC visibility changed across repeated observations
  • whether mail posture appears stable, absent or moving across the observed panel
  • how DMARC visibility relates to MX, SPF and provider context in aggregate

What it cannot prove

  • that a domain's mail controls are complete
  • that a DMARC policy is correctly tuned
  • that unauthorised email is fully prevented
  • that internal mail telemetry supports the same picture
  • that mail delivery quality is good or poor
  • that a domain is well or poorly governed on the basis of DMARC alone

Practical governance questions

  • Do important domains have an expected DMARC position?
  • Is the DMARC policy known and documented?
  • Who owns DMARC changes: technology, security, communications, supplier or mail administrator?
  • Are DMARC changes reviewed alongside MX, SPF and email provider changes?
  • Are reporting addresses, policy strength and alignment settings periodically reviewed?
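As an aid to the last review question, the following added example (not .auDO's code or method) parses the text of a published DMARC TXT record and reports policy strength, alignment settings and reporting addresses. The function names and sample records are constructed for illustration; tag names and defaults follow RFC 7489.

```python
# Added example: review a DMARC TXT record (published at _dmarc.<domain>).
# Record format per RFC 7489: "tag=value" pairs separated by ";".
# Function names and SAMPLES are constructed for illustration.

SAMPLES = {  # constructed records, not observed data
    "enforcing": "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.com",
    "monitoring": "v=DMARC1; p=none",
    "not_dmarc": "v=spf1 include:_spf.example.com -all",
}


def parse_dmarc(txt):
    """Return a dict of DMARC tags, or None if txt is not a DMARC record."""
    pairs = []
    for part in txt.split(";"):
        name, sep, value = part.partition("=")
        if sep:  # skip empty or malformed fragments
            pairs.append((name.strip().lower(), value.strip()))
    # The version tag must come first and must be exactly DMARC1.
    if not pairs or pairs[0] != ("v", "DMARC1"):
        return None
    tags = {}
    for name, value in pairs:
        tags.setdefault(name, value)  # first occurrence of a tag wins
    return tags


def review(txt):
    """Summarise policy strength, alignment and reporting for one record."""
    tags = parse_dmarc(txt)
    if tags is None:
        return {"valid": False, "findings": ["no valid DMARC record"]}
    policy = tags.get("p", "").lower()
    findings = []
    if policy not in ("none", "quarantine", "reject"):
        findings.append("missing or unknown p= policy")
    elif policy == "none":
        findings.append("p=none: monitoring only, no enforcement requested")
    if tags.get("pct", "100") != "100":
        findings.append("pct=%s: policy applies to a sample of mail" % tags["pct"])
    rua = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    if not rua:
        findings.append("no rua= aggregate reporting address")
    return {"valid": True, "policy": policy,
            "subdomain_policy": tags.get("sp", policy).lower(),  # sp defaults to p
            "dkim_alignment": tags.get("adkim", "r"),  # r = relaxed (default)
            "spf_alignment": tags.get("aspf", "r"),    # s = strict
            "rua": rua, "findings": findings}
```

As the page notes, a clean result here describes only the published record; it does not show that mail controls are complete or effective.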

These signal pages explain the specific public fields and observations that sit behind this explainer.

State pages summarise aggregate posture across the current .auDO observation panel. They are summaries, not scores.

Explore observed context

For broader context, compare DMARC posture with dated reports, observed cohorts and methodology notes. This can help show whether a visible mail posture change is isolated, repeated or part of a wider provider or DNS pattern.