DMARC Thesaurus
Interpretation of the most common terms and acronyms that are being used in the DMARC ecosystem.
There are currently 67 names in this directory
A
Aggregate reports
A category of XML files containing aggregate email authentication information regularly sent to recipients selected by domain owners. The reports are sent by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, etc.
Alignment
A scenario where three header fields in an email match (From, ReturnPath(SPF), and DKIM d=), proving that the email is a legitimate one originating from where it is meant to come from.
API
Application Programming Interface. It is a software intermediary that allows two applications to talk to each other.
APWG
Anti-Phishing Working Group. An international consortium that unifies firms that have been harmed by phishing attacks, security products and services providers, law enforcement agencies, government agencies, trade associations, regional international treaty organizations, and communications providers.
ARC
Authenticated Received Chain. An email authentication system that enables an intermediate mail server (a mailing list or forwarding service) to sign the original authentication findings of an email.
B
BEC
Business Email Compromise. A category of cybercrimes in which criminals send an email message with a legitimate request that appears to come from a known source.
BIMI
Brand Indicators for Message Identification. A standard that attaches your company’s logo in authorized email communications.
Blacklisting
A method used by most antivirus programs and intrusion prevention/detection systems that work by maintaining a list of applications that are to be denied system access.
C
CIDR
Classless Inter-domain Routing. A set of IP standards that are used to provide network and device IDs that are unique.
CNAME
Canonical Name. A type of resource record in the DNS that provides the mapping of one domain name to another.
CRTSIRT
Computer Security Incident Response Team. A group of IT specialists who provide services and assistance to a business in the areas of cybersecurity risk assessment, management, and prevention, as well as incident response coordination.
D
DANE
DNS-based Authentication of Named Entities. An Internet security protocol that allows domain names to be tied to X. 509 digital certificates, which are often used for Transport Layer Security (TLS).
DDoS
Distributed Denial-of-service. A cyber-attack in which the attacker attempts to make a computer or network resource unavailable to its intended users by disrupting the services of a host connected to the Internet for a period or indefinitely.
DKIM
DomainKeys Identified Mail. A technical standard that aids in the prevention of spam, spoofing, and phishing of email senders and recipients.
DKIM alignment
A scenario in which the parent domain of your email’s DKIM signature domain matches the Header From domain.
DMARC
Domain-based Message Authentication, Reporting, and Conformance. An open email authentication protocol that protects an email domain from unauthorized use (often known as email spoofing), phishing attacks via impersonation, and other cyber-attacks or crimes.
DMF
Domain Management Function. A centralized authority within an organization that is responsible for the acquisition, management, and monitoring of Internet domains.
DNS
Domain Name System. A hierarchical naming system for devices and resources connected to the Internet or a private network.
E
ESMTP
Extended Simple Mail Transfer Protocol. A protocol used to send and receive emails over the network.
ESP
Email Service Provider. A provider of email hosting that implements email servers for the exchange of emails on behalf of other organizations or end-users.
F
Forensic Report
Reports that are sent out if an email from a domain fails both the SPF and DKIM authentication protocols. These reports contain data about the spoofed email such as the sending email address, receiving email address, subject, and, sometimes, the header of the email.
FQDN
Fully Qualified Domain Name. A complete address for a website, computer, server or similar entity that exists on the Internet.
From Header
A header field defined in RFC5322 with two components, namely Display Name and Address Field.
H
Honeypot
A computer security tool to detect, deflect, or prevent attempts at unauthorized use of a system.
I
IETF
Internet Engineering Task Force. An open standards organization that develops and promotes voluntary Internet standards, specifically the ones that comprise the Internet protocol suite.
IMAP4
Internet Mail Access Protocol version 4. An Internet standard protocol for storing and retrieving messages from SMTP hosts.
Impersonation
A category of cyberattack in which the attacker imitates or copies the behavior or actions of another person or organization.
IP
Internet Protocol. A set of rules governing the format of data that is sent via the internet or local network.
ISP
Internet Service Provider. An organization that provides many different services for accessing, using, or participating on the Internet.
L
LAN
Local Area Network. A network of connected devices in one physical location such as a building, office, or home.
M
M3AAWG
Messaging, Malware and Mobile Anti-Abuse Working Group. An organization that develops cooperative approaches for fighting online abuse.
MAN
Metropolitan Area Network. A computer network that interconnects devices in a geographical region of the size of a metropolitan area.
MIME
Multipurpose Internet Mail Extensions. A standard that indicates the nature and format of a document, file, or combination of bytes.
MSA
Message Submission Agent. A computer program or software agent that receives emails from a mail user or agent and assists the mail transfer agent with the delivery of the mail.
MSSP
Managed Security Service Provider. An organization that offers cybersecurity services to end users.
MTA
Message Transfer Agent. A software that transfers electronic mail messages between devices using SMTP.
MTA-STS
Mail Transfer Agent Strict Transport Security. A protocol that informs services that are sending your organization emails that your domain supports Transport Layer Security (TLS) 1.2 or higher.
MX-record
A record that specifies the mail server responsible for accepting email messages on behalf of a domain name.
O
P
Phishing
A type of social engineering attack in which an attacker, acting as a legitimate entity, tricks a victim into opening an email, instant message, or text message.
POP3
Post Office Protocol 3. An application-layer Internet standard protocol used by email clients to retrieve emails from a mail server.
R
Reporter
A server that receives an email to be delivered to inboxes and generates aggregate and forensic reports.
RUA
A set of XML files providing aggregate email authentication information given by Email Service Providers (ESPs) like Gmail, Office 365, Yahoo Mail, and others to domain owners.
RUF
A set of XML files that are sent out if an email from your domain fails both the SPF and DKIM authentication protocols.
S
Smart Host
An email server through which third parties can send emails and have them forwarded to the email recipients’ email servers.
SMTP
Simple Mail Transfer Protocol. An internet standard communication protocol for electronic mail transmission.
SPF
An email authentication system that detects forged sender addresses while an email is being delivered.
SPF Flattening
A technique that is useful when the DNS lookup limit is reached due to an increased number of SPF mechanisms.
SSO
Single Sign-On. An authentication system that allows a user to log in with a single ID and password to any of several related, yet independent software systems.
T
TCP/IP
The conceptual model and a set of communications and protocols used over the Internet and other networks.
TLS
Transport Layer Security. A type of protocol designed to provide communications security over a computer network.
U
URL
Uniform Resource Locator. The mechanism used by browsers to find any published resource on the web.
V
VEC
Vendor Email Compromise. A scenario in which a cybercriminal takes over a legitimate email account of a well-known vendor to trick a business into making payment information modifications that benefit the criminal.
W
WAN
Wide Area Network. A connection of systems that serves the primary purpose of computer networking and spans a broad geographic area.
Whitelisting
A mechanism that explicitly allows some specific entities to access a particular privilege or service.
X