DMARC
Domain-based Message Authentication, Reporting and Conformance. Aligns SPF and DKIM with the visible From: domain and provides reporting.
Terms A–Z
SPF
Sender Policy Framework. DNS record listing authorised sending sources for a domain.
DKIM
DomainKeys Identified Mail. Cryptographic signature ensuring messages aren’t altered and originate from an authorised domain.
Alignment
Requirement that SPF/DKIM domains match (strict) or share organisational domain (relaxed) with the visible sender.
RUA / RUF
Aggregate (RUA) and forensic (RUF) reporting addresses in a DMARC record. Provide visibility into authentication results.
MTA-STS
SMTP TLS reporting policy that forces secure transport for your domain’s mail servers.
TLS-RPT
Transport Layer Security Reporting. Provides reports about mail servers failing to negotiate TLS.
ARC
Authenticated Received Chain. Preserves authentication results through forwarding to avoid DMARC failures.
BIMI
Brand Indicators for Message Identification. Allows verified logos in inboxes once DMARC is enforced.
DNSBL
DNS-based block list. Lists IP addresses known for sending spam; useful in monitoring for compromised senders.
PTR
Reverse DNS record mapping an IP address back to a hostname. Helps receivers trust the sending infrastructure.
HELO / EHLO
SMTP greeting used by mail servers. Should align with SPF records to avoid authentication failures.
How to use this glossary
- Add links to your onboarding handbook.
- Share during security awareness training.
- Reference in vendor security questionnaires.