Glossary.
Every acronym in one place. New to all this? Start with DMARC, SPF & DKIM in plain English for the story behind the terms.
- Aggregate report (RUA)
- A daily summary a mailbox provider sends about all mail it saw claiming to be from your domain: source IPs, counts, and SPF/DKIM/DMARC results. The backbone of monitoring; the
rua=tag says where to send them. - Alignment
- The requirement that the domain which passed SPF or DKIM matches the domain in the visible From address. Without it, authentication proves nothing about who the reader thinks sent the mail.
- ASN
- Autonomous System Number, an identifier for the network a sending IP belongs to. Helps tell a real email provider apart from a random hosting network.
- DKIM
- DomainKeys Identified Mail. A cryptographic signature added to a message and verified against a public key in your DNS. Proves the message wasn't altered and came from a holder of your key; survives forwarding.
- DMARC
- Domain-based Message Authentication, Reporting & Conformance. The policy layer on top of SPF and DKIM. It requires authentication to pass and align, tells receivers what to do on failure, and asks them to send reports.
- Disposition
- What a receiver actually did with a message (delivered, quarantined, or rejected) based on your DMARC policy.
- Envelope from
- The hidden "MAIL FROM" address used during delivery and checked by SPF. Often differs from the From address the reader sees.
- ESP
- Email Service Provider, a service that sends mail on your behalf, such as Mailchimp, SendGrid, Microsoft 365, or Google.
- Failure report (RUF)
- A real-time sample of a single message that failed DMARC, sent by receivers that choose to (many don't, for privacy). The
ruf=tag controls where they go. - Header from
- The From address your recipient actually sees. DMARC alignment is measured against this.
p=(policy)- The DMARC tag that tells receivers what to do with failing mail:
none(monitor only),quarantine(send to spam), orreject(block). pct- The percentage of failing mail a policy applies to.
pct=25enforces on a quarter, letting you ramp up gradually. - Reporter
- The mailbox provider that sent you a report: Google, Microsoft/Outlook, Yahoo, and others.
- Reverse DNS
- The hostname an IP address resolves back to, a clue to who owns a sending server.
- SPF
- Sender Policy Framework, a DNS list of servers allowed to send for your domain. Checked against the envelope sender; breaks on forwarding.
sp=(subdomain policy)- A separate DMARC policy governing your subdomains. Lock it down too, or subdomains become a spoofer's open door.