Email authenticity (DMARC) - UW–⁠Madison Information Technology

Last updated on March 28, 2024

Achieving email authenticity is part of an ongoing effort to protect users from phishing and improve the reputation of email sent from UW–‍Madison.

Campus email administrators have deployed Domain-based Message Authentication, Reporting & Conformance (DMARC) to provide campus units (email-domain owners) stronger control on preventing illegitimate use of UW–‍Madison email addresses. Messages are DMARC aligned if they pass SPF or DKIM checks, and the domain in the From Header matches the results of SPF/DKIM. The email address in the From Header is what recipients see.

DMARC allows email providers to verify that email was sent from a valid UW–‍Madison address and not from phishers, spammers, or other unverified sources.

Benefits

Reputation: Publishing a DMARC record protects your brand by preventing unauthenticated parties from sending mail from your domain. In some cases, simply publishing a DMARC record can result in a positive reputation bump.
Visibility: DMARC reports increase visibility into your email program by letting you know who is sending email from your domain.
Security: DMARC helps the email community establish a consistent policy for dealing with messages that fail to authenticate. This helps the email ecosystem as a whole become more secure and more trustworthy.

Getting started

Need help sending DMARC-protected email? Fill out the email authenticity consultation Form for a one-on-one consultation.

Approved & unapproved email services

Approved/Verified	Unapproved/Unverified
UW–‍Madison Microsoft 365 via web browser, desktop app, and mobile app End-users sending outbound email Microsoft 365 Add-ons for mail-merge functionality List servers that are configured to work with DMARC Google Groups will set the g-groups.wisc.edu domain in the From header when the original sending domain has a DMARC policy in effect. Departmental and off-campus list servers need to be updated to support DMARC Sending email using any other email service requires campus email administrator coordination to work with DMARC You must use a subdomain instead of @wisc.edu. SPF, DKIM and DMARC DNS records need to be correctly configured for the From address used in the mailings. The configuration requirements will be based on the capabilities of the third-party email service provider. The Campus Relay service supports SPF and DKIM and is available to on-campus applications. Examples of third party service providers: (e.g. Mailchimp, Qualtrics, Sendgrid, Slate, etc)	Third-party email services that are not configured to work with the new DMARC controls Any vendor using off-campus servers Non-UW–‍Madison email accounts that send as a wisc.edu address E.g., a hotmail.com or gmail.com address set to send as a wisc.edu address Third-party email scripts/servers that don’t send email using on-campus mail services

Approved/Verified

Unapproved/Unverified

UW–‍Madison Microsoft 365 via web browser, desktop app, and mobile app

End-users sending outbound email
Microsoft 365 Add-ons for mail-merge functionality

List servers that are configured to work with DMARC

Google Groups will set the g-groups.wisc.edu domain in the From header when the original sending domain has a DMARC policy in effect.
Departmental and off-campus list servers need to be updated to support DMARC

Sending email using any other email service requires campus email administrator coordination to work with DMARC

You must use a subdomain instead of @wisc.edu.
SPF, DKIM and DMARC DNS records need to be correctly configured for the From address used in the mailings.
The configuration requirements will be based on the capabilities of the third-party email service provider.
The Campus Relay service supports SPF and DKIM and is available to on-campus applications.

Examples of third party service providers: (e.g. Mailchimp, Qualtrics, Sendgrid, Slate, etc)

Third-party email services that are not configured to work with the new DMARC controls

Any vendor using off-campus servers

Non-UW–‍Madison email accounts that send as a wisc.edu address

E.g., a hotmail.com or gmail.com address set to send as a wisc.edu address

Third-party email scripts/servers that don’t send email using on-campus mail services

Available to

Departments
Faculty
Researchers
Staff
Students

Service category

Security