DMARC What is it and why you should care

WHAT IS IT?

DMARC (Domain-based Message Authentication Reporting and Conformance) is an email validation system designed to protect your organization’s email domain from spoofing and phishing scams. It uses your existing email authentication protocols such as SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) to determine your email message’s authenticity. It adds an essential piece of functionality of reports back to the domain owner, who can then decide who is sending email on their behalf.

In a nutshell, DMARC adds a level of certainty on whether an email is legit and that it has originated from your domain and essentially acts like a security guard to inboxes. When appropriately deployed, DMARC uses the DNS to publish information to instruct a recipient (ISP) on what to do with that email should it fail SPF and DKIM authentication tests. There are three instructions when authentication fails

  • When P=None, it does nothing
  • When P=Quarantine, it will quarantine the email
  • When P=Reject, the email will be rejected and never get there

Setting up DMARC is relatively easy but hard to move from None to Reject to protect your domain fully.

WHAT DMARC IS NOT

A guarantee to get 100% inbox placement at all ISP’s. Deliverability is a combination of many things that make up your reputation, and DMARC is one piece of a massive pie.

WHY YOU SHOULD CARE.

According to APWG, there are 201,591 unique phishing sites reported. If you want to protect your domain, prevent spoofing, and potentially give yourself insight and choice on email leaving your domain, this is a no-brainer given the sheer size and exposure you might open yourself up to. If you send emails to large ISP’s such as Google, Microsoft, Yahoo!, they all support DMARC.

The sophistication of spoofing and phishing scams continues to boggle our minds here at iPost, so you want to make sure you do everything you can to prevent something by being proactive. The last thing you want to do is become reactive with email spoofing.

Seriously, it’s this serious.

At iPost, we are here to help you around this, so contact us today for a free DMARC assessment.