Can I Use DMARC If I Have Only Deployed SPF?

A question people asked repeatedly in 2016 was whether or not their organization could deploy DMARC if they only used SPF at present. They knew the recommendation is to use both DKIM and SPF, and were concerned that their organizations couldn’t benefit from DMARC without DKIM. The short answer is that you can use DMARC […]

Instructional DMARC videos from Dmarcian

DMARC report processor Dmarcian.com has made a series of videos about DMARC and email authentication available on their website. There is no charge to view the nine videos, which are based on presentations Dmarcian has developed and offered over the past several years. You can find all nine videos here: https://space.dmarcian.com/videos-on-all-things-dmarc

“DMARC is easy!” “DMARC is hard!” Which is it?

It happens so often in IT that it’s a cliché. Somebody comments to senior management about a complex, long-term project you’re involved in, saying: “That’s easy, I could do that in an afternoon. What’s taking your people so long?”  Or you’ve spent weeks on careful research, building the business case, explaining the cost-benefit trade-offs, and […]

Paper on DMARC and privacy laws in Germany and the EU

eco, the largest Internet industry association in Europe, released a paper in late March addressing DMARC and the data privacy laws of the EU. The short answer is that mailbox providers should feel free to implement DMARC filtering and send aggregate reports to domain owners, even under the very stringent data privacy laws of Germany. […]

Email Authentication and Messaging Operations

Effective email authentication requires an organization to have clear control of its messaging operations, and it can take a lot of work to get there if you don’t already have it. But many don’t realize that deploying DMARC – before or while you’re deploying DKIM and SPF – can offer a valuable external view of […]

Who Is Sending Email As Your Company?

You might expect that the IT department or security team knows who’s sending email using your company’s domains. But for a variety of reasons these groups are often unaware of many legitimate senders — not to mention all the bad actors. Fortunately you can get a more complete view by using DMARC‘s reporting features.