A question people asked repeatedly in 2016 was whether or not their organization could deploy DMARC if they only used SPF at present. They knew the recommendation is to use both DKIM and SPF, and were concerned that their organizations couldn’t benefit from DMARC without DKIM. The short answer is that you can use DMARC […]
In July the Australian Signals Directorate, part of the Department of Defence, and the Australian Cyber Security Centre issued a report for IT professionals titled, Malicious Email Mitigation Strategies. The report recommends the most effective methods of protecting organizations from email-borne attacks, and includes deploying DKIM, DMARC, and SPF. Furthermore it recommends using DMARC with […]
It’s very common for any organization’s first attempt at a DMARC record to get the syntax or content wrong in some respect. This post will share some of the missteps and oddities seen while reviewing a dataset of captured Domain Name System (DNS) queries provided by Farsight Security. To be clear, all of the records […]
Product managers and engineers from some of the world’s largest mailbox providers recently got together to explain coming changes in email authentication at an industry conference. While we can’t share all that was said, we did get permission to share their combined best practice recommendations, which will work as well for a small business as […]
DMARC report processor Dmarcian.com has made a series of videos about DMARC and email authentication available on their website. There is no charge to view the nine videos, which are based on presentations Dmarcian has developed and offered over the past several years. You can find all nine videos here: https://space.dmarcian.com/videos-on-all-things-dmarc
It happens so often in IT that it’s a cliché. Somebody comments to senior management about a complex, long-term project you’re involved in, saying: “That’s easy, I could do that in an afternoon. What’s taking your people so long?” Or you’ve spent weeks on careful research, building the business case, explaining the cost-benefit trade-offs, and […]
A new presentation explaining the basics of how email authentication works is available from DMARC.org. The concepts and common usage of SPF, DKIM, and DMARC are all covered in this introductory slide deck, which is made available under the Creative Commons Attribution-ShareAlike 4.0 International License (CC BY-SA). You can download the 1.9MB PDF file clicking […]
An initiative organized by the Dutch government, industry organizations, and the Internet Society is offering a website where users can see if their email provider is using a range of modern Internet standards: IPv6, DNSSEC, TLS, DKIM, DMARC, and SPF. Use this link in English or this link in Dutch to access the site, which […]