Using DMARC to reduce incoming email spam.

GQsm

Member
Sep 30, 2010
8
1
53
I've searched the forum and internet at large in regards Cpanel using DMARC to reduce incoming spoofed email but everything I found seems to be about adding DMARC records on my cpanel server for domains I host, i.e. helping external recipients determine if an email supposedly coming from me is genuine or not to reduce the spam they receive.

I haven't found anything about my cpanel server utilising DMARC to check incoming email from others to reduce the spam (and especially spear phishing attempts) my own domains receive. Am I missing something?

Thanks.
 

keat63

Well-Known Member
Nov 20, 2014
1,652
169
93
cPanel Access Level
Root Administrator
I'm of the understanding that Dmarc verifies to other email servers that your sending domain is legitimate.

"A DMARC policy allows a sender to indicate that their messages are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes – such as junk or reject the message. DMARC removes guess work from the receiver’s handling of these failed messages, limiting or eliminating the user’s exposure to potentially fraudulent & harmful messages. DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation. "

In other words, if someone is pretending to be you and spamming from a different server, then dmarc will help to reduce spam, however, it won't reduce spam hitting your server.

I've no idea from your profile what level of operator you are.
If you are a root admin, consider utilising custom RBL's in exim config.

There are a number of options, but I don't think DMARC is one of them.
But don't quote me on this :)
 

cPanelLauren

Technical Support Community Manager
Staff member
Nov 14, 2017
11,895
1,068
313
Houston
The OP is asking - How do I tell my MTA to respect DMARC records for other domains when receiving mail.
If that's the case then I believe some understanding of how this works with exim is necessary:

http://exim.org/exim-html-current/doc/html/spec_html/ch-dkim_spf_and_dmarc.html said:
By default, the DMARC processing will run for any remote, non-authenticated user. It makes sense to only verify DMARC status of messages coming from remote, untrusted sources. You can use standard conditions such as hosts, senders, etc, to decide that DMARC verification should *not* be performed for them and disable DMARC with an ACL control modifier:

Code:
  control = dmarc_disable_verify
This is the default config nothing should need to be done.
 
  • Like
Reactions: motific