DMARC ISP What is it and why you should care

With the rise in email scams, it is more important than ever to be sure that your business’s emails are authentic.

DMARC (Domain-based Message Authentication Reporting and Conformance) is an email validation system designed to protect your organization’s email domain from spoofing and phishing scams. It uses your existing email authentication protocols such as SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) to determine your email message’s authenticity.

It adds an essential piece of functionality of reports back to the domain owner, who can then decide who is sending email on their behalf.

DMARC: what is it?

The DMARC tool adds a level of certainty on whether an email is legit.

In a nutshell, Domain-based Message Authentication Reporting and Conformance adds a level of certainty on whether an email is legit and that it has originated from your domain and essentially acts like a security guard to inboxes. When appropriately deployed, DMARC uses the DNS to publish information to instruct a recipient (ISP) on what to do with that email should it fail SPF and DKIM authentication tests.

There are three instructions when authentication fails

  1. P=None, it does nothing
  2. P=Quarantine, it will quarantine the email
  3. When P=Reject, the email will be rejected and never get there

Setting up DMARC is relatively easy but hard to move from None to Reject to protect your domain fully.

It Does Not Guarantee Deliverability

But it does guarantee that your email will be handled according to best practices and provide a clear path for how you can ensure legitimate emails reach the inbox. DMARC is an essential tool in protecting yourself from cybercrime, minimizing phishing scams, and making sure corporate reputations are guarded against spoofing attacks.

As DMARC has grown as a standard over the last few years, there is still little adoption by those sending mail on behalf of others (large retailers). For now, we recommend starting with DKIM / SPF first but getting ready to move up to P=Reject once appropriate.

There is no guarantee to get 100% inbox placement at all ISP’s. Deliverability is a combination of many things that make up your reputation, and DMARC is one piece of a massive pie. Do you want your DMARC analyzed?

DMARC analyzing software can acts as your expert guide providing reports for all spf dkim and dmarc needs.

DMARC: why you need it now.

Email scams are on the rise and DMARC is an easy way to fight back against these scammers by making your email domain more trustworthy than ever before. A typical report that will come from most ISP’s after implementing DMARC includes all sorts of data including who attempted delivery, where they were delivered, what happened to them (Quarantine or Reject), if they bounced, etc.

This gives a complete picture of how your emails are being treated by ISPs along with recommendations for improvement as well as best practices in actionable steps.

According to APWG, there are 201,591 unique phishing sites reported. If you want to protect your domain, prevent spoofing, and potentially give yourself insight and choice on email leaving your domain, this is a no-brainer given the sheer size and exposure you might open yourself up to.

DMARC is currently supported by all major ISPs (such as Google, Microsoft, Yahoo! etc). At the moment DMARC is awaiting approval to become an open standard approved by The Internet Engineering Task Force (IETF).

The sophistication of spoofing, phishing scams, and malicious emails continues to boggle our minds here at iPost, so you want to make sure you do everything you can to prevent something by being proactive. The last thing you want to do is become reactive with email spoofing.

DMARC Report Frequency.

Google recommends you review your daily DMARC reports to verify that messages from your domain are sent by known authorized servers, and pass authentication checks.

Get a Free Email Assessment

At iPost, we are here to help you with this, so contact us today for a free assessment.

DMARC is one of the biggest steps you can take to protect your domain reputation and email deliverability. DMARC experts at iPost are here for all your needs including analyzing dmarc reports, setting up p=reject with ISPs, and developing an actionable strategy moving forward!