Why DMARC is very important!

End users and companies all suffer from the high volume of spam and phishing on the Internet. Over the years several methods have been introduced to try and identify when mail from a particular domain really is, or really isn’t coming from that organization. However:

• These mechanisms all work in isolation from each other

• Each receiver makes unique decisions about how to evaluate the results

• The legitimate domain owner (e.g. IRS) never gets any feedback

DMARC attempts to address this by providing coordinated, tested methods for:

Domain owners

• Signal that they are using email authentication (SPF, DKIM)

• Provide an email address to gather feedback about messages using their domain – legitimate or not

• A policy to apply to messages that fail authentication (report, quarantine, reject

Email receivers

• Be certain a given sending domain is using email authentication

• Consistently evaluate SPF and DKIM along with what the end user sees in their inbox

• Determine the domain owner’s preference (report, quarantine or reject) for messages that do not pass authentication checks

• Provide the domain owner with feedback about messages using their domain

A domain owner who has deployed email authentication can begin using DMARC in “monitor mode” to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a “reject” policy.

Call Synoptiq today for DMARC! Visit the use case here. Original article here.