A question people asked repeatedly in 2016 was whether or not their organization could deploy DMARC if they only used SPF at present. They knew the recommendation is to use both DKIM and SPF, and were concerned that their organizations couldn’t benefit from DMARC without DKIM. The short answer is that you can use DMARC […]
United Kingdom Leading The Way In Email Security
The United Kingdom may have the most forward looking policies and deployment plans of any major government. Last week Chancellor of the Exchequer Philip Hammond announced a £1.9 billion national cyber security strategy that includes a broad series of measures, and will continue a series of improvements in email security that the UK government has […]
Australian Government Agency Recommends DMARC, DKIM, and SPF
In July the Australian Signals Directorate, part of the Department of Defence, and the Australian Cyber Security Centre issued a report for IT professionals titled, Malicious Email Mitigation Strategies. The report recommends the most effective methods of protecting organizations from email-borne attacks, and includes deploying DKIM, DMARC, and SPF. Furthermore it recommends using DMARC with […]
Common Problems With DMARC Records
It’s very common for any organization’s first attempt at a DMARC record to get the syntax or content wrong in some respect. This post will share some of the missteps and oddities seen while reviewing a dataset of captured Domain Name System (DNS) queries provided by Farsight Security. To be clear, all of the records […]
Eleven Commercial Email Gateways Support DMARC
Businesses and other organizations can protect themselves from certain classes of phishing attacks on their employees by using DMARC to filter incoming email messages. But whether the company is large or small, they usually don’t have the expertise or resources to build their own filtering solution. That’s why commercial email gateways that support DMARC are […]
Best Authentication Practices for Email Senders
Product managers and engineers from some of the world’s largest mailbox providers recently got together to explain coming changes in email authentication at an industry conference. While we can’t share all that was said, we did get permission to share their combined best practice recommendations, which will work as well for a small business as […]
Instructional DMARC videos from Dmarcian
DMARC report processor Dmarcian.com has made a series of videos about DMARC and email authentication available on their website. There is no charge to view the nine videos, which are based on presentations Dmarcian has developed and offered over the past several years. You can find all nine videos here: https://space.dmarcian.com/videos-on-all-things-dmarc
“DMARC is easy!” “DMARC is hard!” Which is it?
It happens so often in IT that it’s a cliché. Somebody comments to senior management about a complex, long-term project you’re involved in, saying: “That’s easy, I could do that in an afternoon. What’s taking your people so long?” Or you’ve spent weeks on careful research, building the business case, explaining the cost-benefit trade-offs, and […]
“Email Authentication Basics” Slide Deck Now Available
A new presentation explaining the basics of how email authentication works is available from DMARC.org. The concepts and common usage of SPF, DKIM, and DMARC are all covered in this introductory slide deck, which is made available under the Creative Commons Attribution-ShareAlike 4.0 International License (CC BY-SA). You can download the 1.9MB PDF file clicking […]
New Site Checks for DMARC, DKIM, SPF, TLS, DNSSEC, and IPv6
An initiative organized by the Dutch government, industry organizations, and the Internet Society is offering a website where users can see if their email provider is using a range of modern Internet standards: IPv6, DNSSEC, TLS, DKIM, DMARC, and SPF. Use this link in English or this link in Dutch to access the site, which […]