American government agencies are currently rushing to meet the January 15, 2018 deadline for implementing the DMARC protocol. DMARC stands for Domain Message Authentication, Reporting and Conformance. It's a security protocol that allows for reporting between email receivers and senders in order to discourage spoofing - sending fraudulent emails which appear to come from a legitimate domain as means of facilitating spam and phishing.

DMARC was developed in the private sphere and came into widespread use in 2012. The authentication process allows a receiver to check if a message comports with what is knows about a sender. The owner of a domain uses either a DomainKey Identified Mail (DKIM) or Sender Policy Framework (SPF) mechanism. The receiver must confirm that the header of a new message aligns using DKIM or SPF with authenticated domain names.

You can confirm with if a domain is using DMARC on this site. It will determine if the domain has a DMARC policy in place:

. . . and also provide an overall DMARC score.