A question people asked repeatedly in 2016 was whether or not their organization could deploy DMARC if they only used SPF at present. They knew the recommendation is to use both DKIM and SPF, and were concerned that their organizations couldn’t benefit from DMARC without DKIM. The short answer is that you can use DMARC […]
DMARC report processor Dmarcian.com has made a series of videos about DMARC and email authentication available on their website. There is no charge to view the nine videos, which are based on presentations Dmarcian has developed and offered over the past several years. You can find all nine videos here: https://space.dmarcian.com/videos-on-all-things-dmarc
It happens so often in IT that it’s a cliché. Somebody comments to senior management about a complex, long-term project you’re involved in, saying: “That’s easy, I could do that in an afternoon. What’s taking your people so long?” Or you’ve spent weeks on careful research, building the business case, explaining the cost-benefit trade-offs, and […]
There are good reasons why one domain might want to have the DMARC reports about its traffic sent to a mailbox in a different domain. However DMARC.org has recently received several aggregate reports for a few seemingly random domains with no connection to DMARC.org – which is potentially a form of abuse itself, and one […]
eco, the largest Internet industry association in Europe, released a paper in late March addressing DMARC and the data privacy laws of the EU. The short answer is that mailbox providers should feel free to implement DMARC filtering and send aggregate reports to domain owners, even under the very stringent data privacy laws of Germany. […]
On April 15-16th multiple sources reported seeing an increase in the number of DMARC reports generated or received. Between two and three and a half times as many reports per day were observed, depending on the source. There was some hope there would be a public announcement during the RSA Conference in San Francisco last […]
Effective email authentication requires an organization to have clear control of its messaging operations, and it can take a lot of work to get there if you don’t already have it. But many don’t realize that deploying DMARC – before or while you’re deploying DKIM and SPF – can offer a valuable external view of […]
You might expect that the IT department or security team knows who’s sending email using your company’s domains. But for a variety of reasons these groups are often unaware of many legitimate senders — not to mention all the bad actors. Fortunately you can get a more complete view by using DMARC‘s reporting features.