University of Wisconsin–Madison

Email Authenticity (DMARC)

Achieving email authenticity is part of an ongoing effort to protect users from phishing and improve the reputation of email sent from UW–‍Madison.

Campus email administrators have deployed Domain-based Message Authentication, Reporting & Conformance (DMARC) to provide campus units (email-domain owners) stronger control on preventing illegitimate use of UW–‍Madison email addresses. Messages are DMARC aligned if they pass SPF or DKIM checks, and the domain in the From Header matches the results of SPF/DKIM. The email address in the From Header is what recipients see. 

DMARC allows email providers to verify that email was sent from a valid UW-Madison address and not from phishers, spammers, or other unverified sources.

Benefits

  • Reputation: Publishing a DMARC record protects your brand by preventing unauthenticated parties from sending mail from your domain. In some cases, simply publishing a DMARC record can result in a positive reputation bump.
  • Visibility: DMARC reports increase visibility into your email program by letting you know who is sending email from your domain.
  • Security: DMARC helps the email community establish a consistent policy for dealing with messages that fail to authenticate. This helps the email ecosystem as a whole become more secure and more trustworthy.

Getting started

Need help sending DMARC-protected email? Fill out the form below for a one-on-one consultation.
Email Authenticity Consultation Form

Approved & Unapproved Email Services

Approved/Verified Unapproved/Unverified

UW-Madison Office 365 via web browser, desktop app, and mobile app

  • End-users sending outbound email
  • Office 365 Add-ons for mail-merge functionality

List servers that are configured to work with DMARC

  • Google Groups will set the g-groups.wisc.edu domain in the From header when the original sending domain has a DMARC policy in effect.
  • Departmental and off-campus list servers need to be updated to support DMARC

Sending email using any other email service requires campus email administrator coordination to work with DMARC

  • We recommend using a subdomain instead of @wisc.edu (SPF and DKIM need to be configured based on the From address being used in mailings)
  • The campus SMTP Relay service supports SPF (DKIM support TBD)
  • Third party email service providers (e.g. Mailchimp, Qualtrics, etc)

Systems that are able to authorize end-users’ use of their own email address within the system

Third-party email services that are not configured to work with the new DMARC controls

  • Any vendor using off-campus servers

Non-UW-Madison email accounts that send as a wisc.edu address

  • E.g., a hotmail.com or gmail.com address set to send as a wisc.edu address

Third-party email scripts/servers that don’t send email using on-campus mail services

 

Available to

  • Departments
  • Faculty
  • Researchers
  • Staff
  • Students

Service category