DMARC

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds on two earlier standards: SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). Where SPF verifies the sending server and DKIM verifies the message integrity, DMARC ties them together by letting domain owners publish a DNS record that instructs receiving mail servers what to do when a message fails one or both checks. DMARC also introduces a reporting mechanism, sending XML reports back to domain owners so they can monitor unauthorized use of their domain in email headers.

Email remains the primary channel for sharing publication links, delivering lead notifications, and sending transactional messages. Without DMARC, attackers can forge your domain name in the "From" field of phishing emails, making fraudulent messages appear to come from your organization. This damages brand trust and puts your contacts at risk. A properly configured DMARC policy tells receiving servers to quarantine or reject unauthenticated messages, blocking spoofed emails before they reach inboxes. For publishers who distribute flipbook links via email, DMARC also improves deliverability — mailbox providers like Gmail and Outlook give preferential treatment to domains with valid DMARC records.

FlipLink's email infrastructure is designed to pass DMARC validation out of the box. When FlipLink sends lead notifications, publication share links, or messages through [email templates](/features/email-templates), those emails align with both SPF and DKIM requirements. If you use a custom sending domain, you publish a DMARC record in your DNS that defines your policy and a reporting address. FlipLink's sending practices comply with your DMARC policy, so legitimate emails pass validation while fraudulent ones are caught by receiving servers. This means your flipbook share emails, lead alerts, and automated notifications reach recipients reliably without being flagged as spam or rejected.