FAQs
High-definition DMARC
Frequently asked questions
High definition dmarc is a layer 2 protocol enhancement to dmarc that tracks how people send email through a domain’s various ESPs (email service providers).
Dmarc reports only show the IP addresses used to send but high def dmarc shows which users are sending from each ESP.
This has been one of the most requested additions to dmarc reporting for many years so we built it.
If you don’t have many employees, you probably don’t need high def dmarc.
Dmarc enforcement commonly stalls out for enterprises and mid-size companies because rfc-dmarc cannot identify the owners of mail streams that need reconfiguration to send dmarc-aligned mail.
High def dmarc lets you zoom in on those mail streams and vendors to see who is using them.
Not at all, the same DNS record is used for both protocols.
Think of high def dmarc as an upgrade that rides on top of dmarc to provide the coveted user-centric reporting that’s impossible with standard dmarc.
Not for end users. High-definition enabled dmarc vendors buy data feeds from partners for end user domain(s).
We do, too.
HD already has a few other tricks up the sleeve. We’ll feature some of them on this site in the future.
For curmudgeons
If you’re the easily offended type and high def dmarc upsets you, this section is for you. Also, cheer up 😉
Using needle-nose pliers to flip pancakes may be pointless and dumb. Does that make pancakes any less delicious or needle-nose pliers a pointless tool?
Use the right tool for the job. A lot of people find high def dmarc helpful in their process to enforce strict policies on complex email sending domains. HD is built to delight those people.
Relax, nobody is going to make you to use it. It’ll be here if you need it in the future 🙂
It’s not one versus the other, they’re friends! High def dmarc is a layer 2 protocol built on top of the standard dmarc specificiation as defined in RFC 7489.
No, a better way to conceptualize the inner workings of high-definition dmarc is the ThreatExchange model.
There are plenty of other proprietary interoperability systems. You’ve used an api before, no?
We needed was a fast way for partners to exchange data that delights their mutual customers. This is the best we have (for now).
That’s okay. You’ll still benefit because every new company that leverages high def dmarc to achieve a dmarc reject policy represents a few more domains that cannot be used for spoofing. That creates a safer internet for everyone. Won’t you enjoy it with us?