NBC morning television show The Today Show featured some basic, consumer-friendly tips on identifying and avoiding phishing scams on their November 16th show. Developed in partnership with security firm ESET, they also added an interactive quiz on their website. You can find both items by following this URL: http://www.today.com/money/test-your-phish-spotting-skills-fun-quiz-t55891 Hopefully this is something even security […]
DMARC.org presenting at Cloud & Messaging Day in Tokyo
Steven Jones will be speaking at the Cloud & Messaging Day meeting in Tokyo the afternoon of Monday, November 16th.The meeting is organized and hosted by messaging and infrastructure specialists TwoFive of Tokyo. (A PDF version of the flyer in Japanese is available here.) Jones will address all attendees in the first session on the […]
“DMARC is easy!” “DMARC is hard!” Which is it?
It happens so often in IT that it’s a cliché. Somebody comments to senior management about a complex, long-term project you’re involved in, saying: “That’s easy, I could do that in an afternoon. What’s taking your people so long?” Or you’ve spent weeks on careful research, building the business case, explaining the cost-benefit trade-offs, and […]
Authenticated Received Chain protocol has a web site
A web site, http://arc-spec.org, has been created to share information and news about the Authenticated Received Chain (ARC) protocol announced earlier this week. As the specification is reviewed and implemented by the Internet community, and more information and resources are developed around it, they will be linked from or hosted on the site.
Global Mailbox Providers Deploying DMARC to Protect Users
Berkeley, California – October 19, 2015 – The Domain-based Message Authentication, Reporting, & Conformance (DMARC) specification has proven its value in combating fraudulent email since its introduction three and a half years ago. Thousands of companies use it to prevent billions of messages fraudulently using their Internet domains from reaching inboxes, thereby protecting their customers and employees […]
M3AAWG Conference in Atlanta to Feature DMARC Training
At the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) conference in Atlanta on Monday, October 18th, DMARC.org will provide a training session on DMARC and email authentication. Barry Jones of ACS Technologies will present a representative case of how to use DMARC and email authentication to protect users from relentless phishing attacks and other […]
Yahoo to Expand Use of Strict DMARC Policy
Last year AOL and Yahoo curtailed massive email-borne abuse of their customers by deploying strict DMARC policies on their marquee domains. Recently Yahoo announced that they would be extending that policy to more of their domains as soon as November.
North American ISPs Using DMARC to Protect Inbox
The biggest global mailbox providers – AOL, Google*, Hotmail/Microsoft, NetEase, Yahoo – have been using DMARC to filter out fraudulent email sent to their users from the beginning. But readers have told us that some major North American ISPs are also using DMARC to protect their customers. We like to recognize these ISPs for using […]
Making the Business Case for Email Authentication
Are you trying to generate support within your organization for deploying email authentication? A presentation, “Making the Business Case for Email Authentication,” is now available in our Resources section (direct link to the PDF here). Feel free to use the tips and information in your own internal planning and communications as you put your program […]
Receiving DMARC Reports Outside Your Domain
There are good reasons why one domain might want to have the DMARC reports about its traffic sent to a mailbox in a different domain. However DMARC.org has recently received several aggregate reports for a few seemingly random domains with no connection to DMARC.org – which is potentially a form of abuse itself, and one […]