DMARC

Summary

Explains what DMARC is, how it works, and why Bowdoin uses it. DMARC is an email authentication protocol that prevents others from sending emails using the bowdoin.edu domain without Bowdoin's authorization. No action is required from faculty, staff, or students.

Body

Questions

  • What is DMARC and why does Bowdoin use it?
  • What does DMARC do to protect Bowdoin email?
  • Why are some emails I send on behalf of Bowdoin not being delivered?
  • I use a third-party service with my Bowdoin email address — why are its emails failing?
  • What do I need to do to comply with the DMARC policy?
  • How does DMARC help prevent phishing and email spoofing?

Environment

This article applies to all Bowdoin faculty, staff, and students who send or receive email using a bowdoin.edu address. The DMARC policy is configured and managed by Bowdoin IT and affects all email sent using the bowdoin.edu domain.

Resolution

What is DMARC?

DMARC (Domain-based Message Authentication Reporting and Conformance) is an email authentication protocol that helps ensure that emails claiming to come from bowdoin.edu actually originate from systems authorized by Bowdoin. It works alongside two other email security standards — SPF and DKIM — to verify that a sender is who they claim to be.

When an email fails DMARC verification, receiving mail systems are instructed to either send it to junk or reject it entirely. This prevents malicious actors from sending phishing or spoofed emails that appear to come from a Bowdoin address.

What do I need to do?

Nothing. Bowdoin IT has already configured the DMARC policy for bowdoin.edu. For most users, this change is invisible and has no impact on how you send or receive email.

What if I use a third-party service with my Bowdoin email?

If you use a service that is not purchased, licensed, or contracted by Bowdoin, and that service sends email on your behalf using your bowdoin.edu address, those emails may not be delivered. This is because DMARC requires that all email sent from the bowdoin.edu domain originates from systems that Bowdoin has authorized.

Example: If you use a personal scheduling or notification service that sends emails using your Bowdoin address, those emails may fail DMARC checks and be rejected by the recipient's mail server. This is not something Bowdoin IT can fix — the third-party service must be configured to send from their own domain, or you must use a personal (non-Bowdoin) email address with that service.

If you believe a legitimate Bowdoin-authorized service is being affected, contact the Service Desk so IT can investigate and make necessary configuration changes.

Why does this matter?

Email spoofing — where an attacker sends messages that appear to come from a trusted bowdoin.edu address — is a common technique in phishing attacks. DMARC is widely recommended by security auditors and is required by major email providers including Google and Yahoo for bulk email. By enforcing DMARC, Bowdoin significantly reduces the risk that community members will receive fraudulent emails that appear to come from Bowdoin.

Additional Help

If you need further assistance, you have several options:

  • Bowdoin Bot: Chat with Bowdoin Bot directly from any KB page for instant answers.
  • Phone: Call the Bowdoin College Service Desk at (207) 725-3030.
  • In person: Visit the Tech Hub in Smith Union during business hours.
  • Submit a ticket: Request assistance through the Service Catalog.

Details

Details

Article ID: 162510
Created
Tue 6/4/24 9:08 AM
Modified
Mon 5/4/26 10:07 AM

Related Articles

Related Articles (2)

Microsoft 365 (M365) Email Protection
Explains the two layers of Microsoft 365 email protection at Bowdoin — Exchange Online Protection (EOP) and Microsoft Defender for Office 365. Covers how spam, phishing, malware, and suspicious links are filtered, what users will see when protection is active, and what to do if a legitimate message is blocked.
Reporting a Phish or Spam email
How to report a suspected phishing or spam email to Bowdoin IT using the Report Message option in Microsoft Outlook. Covers Outlook for macOS, Outlook Online, Outlook for Windows, and Outlook for iOS/iPadOS. No need to forward emails to IT directly.