DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, such as spoofing. DMARC builds upon two existing, widely deployed email authentication mechanisms: Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). For a message to pass DMARC, it must pass either the SPF or DKIM check, and the domain used in the From: header must align with the domain verified by SPF or the domain in the DKIM signature. DMARC itself does not perform authentication but rather verifies the results from SPF and DKIM to enforce a domain's policy.

B. DSTP: Domain Secure Transfer Protocol is not a standard or recognized email authentication protocol used in conjunction with DMARC.

D. TLS: Transport Layer Security encrypts the communication path between mail servers but is not a message-level authentication mechanism that DMARC evaluates for policy decisions.

E. PKI: Public Key Infrastructure is a broad framework. While DKIM utilizes public-key cryptography, DKIM is the specific mechanism that DMARC checks, making it the more precise answer.

1. Cisco Secure Email Gateway Configuration Guide

15.0: In the chapter "Configuring Email Authentication

" the section on "DMARC Verification" states

"DMARC is an email authentication protocol that uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to detect email spoofing." This explicitly links DMARC to SPF and DKIM as its foundational components.

2. Internet Engineering Task Force (IETF) RFC 7489

"Domain-based Message Authentication

Reporting

and Conformance (DMARC)": The abstract states

"DMARC...is a scalable mechanism by which a mail-originating organization can express domain-level policies and preferences for message validation

disposition

and reporting

that a mail-receiving organization can use to improve mail handling. It is built upon the DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) specifications that are currently being developed by the IETF." (Section: Abstract

Page 1).

3. Cisco Secure Email and Web Manager 14.0 - User Guide: The section "How DMARC Verification Works" explains

"DMARC standardizes how email receivers perform email authentication using the SPF and DKIM mechanisms." This confirms that DMARC's function is to utilize the outcomes of SPF and DKIM checks.