DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a tool that helps protect email domains from being used for spam or phishing. But what happens when a message doesn’t pass the DMARC check? Here’s a simple explanation.
What Does It Mean to Reject a Message?
When a message doesn’t pass the DMARC check, it can be rejected. This means the message is not delivered to the recipient’s inbox. Rejecting a message during the email delivery process is better than sending a Delivery Status Notification (a kind of failure report) because it prevents fraudulent messages from generating annoying failure reports.
How Are Messages Rejected?
There are two main ways to reject a message:
- Full Rejection: The email server sends a “5xy” reply code to the SMTP client (the system sending the email) to say that the delivery failed. The SMTP client is then responsible for notifying the sender that the delivery failed.
- Silent Discard: The email server sends a “2xy” reply code to the SMTP client to say that the delivery was successful, even though it wasn’t. The message is then discarded and no further action is taken.
Each method has its pros and cons. For example, a silent discard can prevent backscatter (unnecessary failure reports), but it also means the email server has to give a false result, which can make it harder to troubleshoot problems.
What About the SMTP Reply?
The text part of the SMTP (Simple Mail Transfer Protocol) reply can be important. For example, when a message is rejected, the reason for the rejection could be included in the reply. This could help a legitimate sender figure out why their message was rejected, but it could also give a spammer information they could use to bypass the DMARC check.
When a message is rejected, the reply could include the word “DMARC” to indicate the reason for the rejection. For example, the reply might look like this:
550 5.7.1 Email rejected per DMARC policy for example.com
This makes it easier for automated systems to understand why the message was rejected and address the problem.
If the email server can’t retrieve or apply the DMARC policy, it might choose to delay delivery. This is usually done with a “4xy” SMTP reply code.
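The reply codes described above can be sorted automatically on the sending side. The following Python sketch is an added example, not part of the original article: the function names are illustrative, and every sample reply other than the 550 line quoted above is constructed. It parses single- and multi-line SMTP replies and reports whether the reply names DMARC; note that a “2xy” reply cannot tell real delivery apart from a silent discard.

```python
import re

REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")   # code, separator, text
ENHANCED = re.compile(r"^([245]\.\d{1,3}\.\d{1,3})\s+(.*)$")  # e.g. "5.7.1 text"
OUTCOMES = {"2": "accepted-or-silently-discarded", "4": "deferred", "5": "rejected"}

def parse_reply(raw):
    """Return (code, enhanced_code, text) for a single- or multi-line SMTP reply."""
    code, enhanced, parts = None, None, []
    for line in raw.strip().splitlines():
        m = REPLY_LINE.match(line.rstrip("\r"))
        if not m or (code is not None and m.group(1) != code):
            raise ValueError(f"malformed SMTP reply line: {line!r}")
        code, text = m.group(1), m.group(3) or ""
        e = ENHANCED.match(text)
        if e:  # strip the enhanced status code repeated on each line
            enhanced, text = e.group(1), e.group(2)
        parts.append(text)
        if m.group(2) != "-":  # a space (or nothing) marks the final line
            break
    if code is None:
        raise ValueError("empty SMTP reply")
    return code, enhanced, " ".join(parts)

def classify(raw):
    """Summarise what the sending side can conclude from the reply."""
    code, enhanced, text = parse_reply(raw)
    return {
        "code": code,
        "enhanced": enhanced,
        "outcome": OUTCOMES.get(code[0], "other"),
        "mentions_dmarc": re.search(r"\bDMARC\b", text, re.I) is not None,
        "text": text,
    }

# Sample replies: the first is the one quoted above, the rest are constructed.
SAMPLES = [
    "550 5.7.1 Email rejected per DMARC policy for example.com",
    "550-5.7.1 Email rejected per DMARC policy\r\n550 5.7.1 for example.com",
    "451 4.7.1 Temporary failure evaluating DMARC policy",
    "250 2.0.0 OK queued",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(classify(s))
```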
Remember, this is a simplified explanation. In reality, using DMARC involves a lot of complex processes and technologies. But hopefully, this gives you a basic understanding of how DMARC handles message rejection.