TheĀ DMARC Working Group has completed Last Call for the ARC specification. This means that when the final consensus changes are incorporated, the document will be submitted for approval and publication by the IETF. It is possible that the specification might be published before the next IETF meeting in November, though perhaps more likely between then […]
DMARC Deployments Quadruple In 2017
Using DNS query data supplied by Farsight Security, global deployment of DMARC appears to have grown by roughly 400% over the course of 2017. The portion of these domains publishing “quarantine” or “reject” policies – which generally prevent fraudulent messages using one of these domains from being delivered to the inbox – rose from 21% […]
OpenARC v0.1.0 has been released
An alpha version of an open source implementation of the ARC protocol has been released. Congratulations to all involved in bringing this project to an initial release. ARC allows forwarders and mailing lists to convey message authentication results that would otherwise be lost, which can present difficulties to some DMARC adopters. OpenARC v0.1.0 can be […]
Number of Domains Actively Using DMARC Triples
The number of Internet domains with active, valid DMARC records as measured at the end of September was over triple the figure from 12 months earlier. Using data supplied by Farsight Security through Q3 2016, the figure was 62,066 domains. Updated with data captured through Q3 2017, that figure rose to 193,958 domains. The following […]
DMARC.org Presents In Japan
On Monday of this week, DMARC.org Executive Director Steven M Jones and a number of prominent colleagues spoke about email authentication and combating online fraud and abuse at Cloud & Messaging Day in Tokyo, Japan. The details of the event, in Japanese, are available at this link. The event featured, in order of appearance: Neil […]
Upcoming DMARC.org Talks
DMARC.org director Steve Jones will speak to the Email Sender and Provider Coalition during their monthly call on Thursday, September 7th. The talk will address recent articles about low adoption of DMARC in various industry sectors, obstacles organizations encounter when deploying DMARC, and what recent and upcoming events may change that equation. Jones will also […]
New ARC Implementations at IETF 99 Hackathon
An Authenticated Received Chain (ARC) table was organized at the weekend hackathon held before the IETF 99 meeting in Prague this week. ARC is an official work item of the IETF DMARC Working Group, and will be discussed during the working group meeting Thursday morning. Participants from two different vendors worked on new implementations of […]
ARC Training at M3AAWG 40 in Lisbon, Portugal
There will be training in configuring ARC-enabled software, and adding ARC support to email infrastructure using open source software, at the 40th generalĀ meeting of M3AAWG. This meeting will be held at the Corinthia Hotel in Lisbon, Portugal the week of June 12th. Several members of the ARC community will conduct the tutorial program on Monday, […]
Can I Use DMARC If I Have Only Deployed SPF?
A question people asked repeatedly in 2016 was whether or not their organization could deploy DMARC if they only used SPF at present. They knew the recommendation is to use both DKIM and SPF, and were concerned that their organizations couldn’t benefit from DMARC without DKIM. The short answer is that you can use DMARC […]
Updates To Who Is Using DMARC?
On February 25th of this year we published a page listing interesting companies that were using DMARC in some capacity. While not a comprehensive survey, it included well-known companies who had published a DMARC policy in DNS. We recently took a look at that list, and were pleased to see that some updates were in […]