Wilmington, North America, February 24th, 2026 – Cybersecurity experts gathered for a recent DMARCbis fireside chat to deliberate on the forthcoming updates to the DMARC protocol and outline strategies for email authentication in 2026.
The event, hosted by Sendmarc, featured insights from Todd Herr, Principal Solutions Architect at GreenArrow Email and co-editor of the DMARCbis document. The discussion, led by Dan Levinson from Sendmarc, provided a deep dive into the progress of the protocol through the Internet Engineering Task Force (IETF) standards process and what changes teams should anticipate in the evolving landscape of email security.
Advancements in Email Authentication
DMARC, initially introduced in 2015, has been pivotal in reducing domain spoofing and enhancing domain visibility. During the chat, Herr elaborated on how DMARCbis incorporates lessons from practical deployments, focusing on enhancements aimed at ensuring the protocol’s long-term viability and maintainability.
The proposed updates, encapsulated in DMARCbis (draft-ietf-dmarc-dmarcbis-41), are intended to achieve Proposed Standard status and, if adopted, will replace the existing RFC 7489. Herr emphasized that these updates represent an evolutionary step rather than a revolutionary change in email authentication.
Key Themes and Protocol Updates
The video discussion highlighted several key themes that are crucial for businesses planning to bolster their email security strategies. These include updates to record tags to minimize ambiguity, clearer guidelines for reporting and participation, and a standardized approach to receiver-side policy discovery via DNS tree walk.
Levinson pointed out that major email providers like Microsoft, Google, and Yahoo have been at the forefront of adopting stringent sender requirements, underscoring the critical role of DMARC, SPF, and DKIM in safeguarding email communications.
Addressing Misconceptions and Ensuring Effective Practices
Herr also addressed common misconceptions surrounding DMARC, particularly the false belief that merely publishing a DMARC record guarantees inbox placement. The discussion clarified that while authentication aids mailbox providers in verifying identity and reputation, it does not replace the need for robust sending practices.
For those interested in the full discussion, the video is available online.
About Sendmarc
Sendmarc is dedicated to helping organizations globally protect their email domains from impersonation. The platform enables large-scale DMARC deployment, enhancing deliverability and reducing phishing risks. By supporting enterprises with complex sender ecosystems, Sendmarc ensures sustained DMARC compliance and email integrity.
Contact Information
For further details, reach out to Dan Levinson, Customer Success Director, US at Sendmarc via [email protected].
