DMARC
Domain Message Authentication Reporting & Conformance
DMARC is the framework that combines SPF and DKIM to reduce SPAM and email abuse.
A good way to understand how your email is configured is to use the online checker provided for free by the National Cyber Security Centre (part of GCHQ).
https://checkcybersecurity.service.ncsc.gov.uk/email-security-check/form
Another free yet invaluable resource is the online interactive checker provided free by uriports.com.
Google can be very useful if you have received an email and want to understand what you see in the headers.
https://toolbox.googleapps.com/apps/messageheader/analyzeheader
URIports have a set of easy-to-understand online tools for DMARC
https://www.uriports.com/tools
SPF
Sender Policy Framework
SPF is a way of specifying a group of servers which are authorised to send email on behalf of an internet domain.
This requires being able to look up resources on the internet to determine if the server identified as being the sender of an email is indeed authorised to send it.
https://www.spf-record.com/spf-lookup
DKIM
DomainKeys Identified Mail
DKIM is a method of digitally signing email to identify it as originating from a specific domain. Normally the receiving mail server will add headers indicating the status of the authorisation check as to whether it has passed or failed. This doesn’t always give the whole picture and further analyses of the email and headers can be useful.
The following link is an easy online way of analysing email headers. Be careful not to paste anything sensitive into this web portal.
https://www.appmaildev.com/en/dkimfile
If you would prefer to be able to analyse emails locally on your PC why not try installing Perl and the Mail::DKIM:Verifier package from meta::cpan
I’d recommend installing the latest MSI installer for Strawberry Perl.
https://metacpan.org/pod/Mail::DKIM::Verifier
Then download the tar.gz from meta::cpan and to install copy and paste the the following into your command prompt.
cpanm Mail::DKIM
(This single package includes both the DKIM Verifier and the ARC Verifier)
Here is a Perl executable script which uses the above modules to produce a readable report locally.
https://nigelpentland.co.uk/perl/dkimv.txt
Follow the link above, select all the text (Ctrl-a) copy (Ctrl-c) and paste into a text editor and save file as
dkimv.pl
To execute the script open a command prompt, and type dkimv.pl followed by the filename of a text file containing email headers such as email.eml.
e.g.
C:\tmp> dkimv.pl email.eml