A short time ago Bettina Specht of email marketing and software firm Litmus compiled questions her colleagues and their customers had about DMARC and email authentication. They cover the most common topics and concerns around preventing fraudulent email from affecting your brand and customers. The answers provided by DMARC.org staff have now been compiled into […]
Australian Government Agency Recommends DMARC, DKIM, and SPF
In July the Australian Signals Directorate, part of the Department of Defence, and the Australian Cyber Security Centre issued a report for IT professionals titled, Malicious Email Mitigation Strategies. The report recommends the most effective methods of protecting organizations from email-borne attacks, and includes deploying DKIM, DMARC, and SPF. Furthermore it recommends using DMARC with […]
Common Problems With DMARC Records
It’s very common for any organization’s first attempt at a DMARC record to get the syntax or content wrong in some respect. This post will share some of the missteps and oddities seen while reviewing a dataset of captured Domain Name System (DNS) queries provided by Farsight Security. To be clear, all of the records […]
How Many From: Addresses Are There?
When first exploring email authentication, even people with a technical background find that there’s a lot of niche terminology that has to be picked up. This post will try to explain the different terms used for addresses that are associated with email messages. How Is An Email Message Like A Postal Letter? When your postman […]
DMARC Required For UK Government Services By October 1st
Government Digital Service (GDS), part of the United Kingdom’s Cabinet Office, is requiring that other government departments adopt DMARC and HTTPS/HSTS to protect their online services by October 1st, 2016. This includes making the strongest DMARC policy (“p=reject”) the default for email services at that time. This will apply to all services operating under the service.gov.uk […]
Our Supporters Make DMARC All It Can Be
Philadelphia, Pennsylvania – June 15, 2016 – The need to overcome brand hijacking, phishing and fraud compelled many leading companies to participate in creating the DMARC standards. Since that time, many forward-looking companies have asked how they can become involved in promoting DMARC adoption so we can all enjoy protection worldwide. Responding to demand in […]
New Presentation Describing ARC Protocol Available
The Authenticated Received Chain, or ARC, protocol allows authentication results to be conveyed across indirect mailflows. This is intended to allow traditional services like mailing lists, content scanning, and alumni accounts that forward and/or alter messages to continue to operate in an environment where email authentication is increasingly required for timely delivery of messages, but […]
Yahoo Protects 62 Additional Domains with DMARC
Yahoo (NASDAQ:YHOO) has been at the forefront of email authentication for over a decade, and they continue to drive the industry forward. Today, Yahoo has taken the next step in their program by publishing strong DMARC policies for 62 of their international domains, listed below. These policies will prevent phishers and spammers from using these […]
Eleven Commercial Email Gateways Support DMARC
Businesses and other organizations can protect themselves from certain classes of phishing attacks on their employees by using DMARC to filter incoming email messages. But whether the company is large or small, they usually don’t have the expertise or resources to build their own filtering solution. That’s why commercial email gateways that support DMARC are […]
25 Leading Companies That Began Using DMARC in 2015
Each year since the DMARC protocol was first announced, more and more companies have found that it can help them monitor and protect email using their domains. Here are some notable companies or brands that began doing so in 2015, according to data provided by DMARC.org sponsor Farsight Security. Aflac (insurance) American Express (finance) † […]