Email Security Blog

The Four Types of Senders: Your Internal Infrastructure

Agari November 13, 2014 DMARC
Fallback Featured Image

Series Introduction

Danielle DeWolfe, Solutions Engineer

I have been working in the email security space for quite some time. One of the first steps to securing your email channel is to know where your email is coming from. Sounds simple enough, right? But what if I were to ask you right now, “How many domains and IP addresses do you use to send email?” You probably will give me a quick answer off of the top of your head. If I then asked you, “Does this include your server notification systems? Where are your marketing campaigns being sent from? What other groups are working autonomously outside of the IT scope that could be sending notifications? Alerts? Communications?” I bet you want to go back and change your answer now.

Here at Agari I get the unique opportunity to work with some of the biggest companies on their email authentication practices. In order to authenticate, you need to know who is sending on your behalf, and where they are sending from. Every organization I have worked with has discovered several domains and IP addresses- thanks to DMARC reporting information- that they were previously completely unaware of. DMARC reporting allows for organizations to have visibility into the email ecosystem like never before. Here is a list of common internal services that DMARC reporting has helped shed light on that you may have never considered:

  • application monitoring and alerting
  • sales leads from marketing systems
  • IDS/IPS and other security systems
  • IT and HR ticketing systems
  • document management system notifications
  • intranet collaboration system notifications

Looking deep into your infrastructure can be difficult. Even if you know where to look, are you confident that you are aware of every server configured? What about personal machines being configured as mail senders for rogue marketing teams or testers? DMARC reporting allows you to find this information without getting lost in the search. You can begin creating your trusted network without leaving any server or domain behind.

Now that we have shed some light into your sending IPs and infrastructure, what about email traffic sent from third parties on your behalf, such as marketing and survey companies? This is often the trickiest group to get a handle on within an organization. So, stay tuned for the next blog in our “The Four Types of Senders” series on 3rd Party Senders.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

April 17, 2019 Fareed Bukhari

The Time is Now: Underscoring the Importance of DMARC for State and Local Governments

Scammers know that impersonating a trusted government agency is an extremely effective way to trick…

Agari Blog Image

February 26, 2019 Armen Najarian

Retail Trails Other Sectors in Adopting DMARC for Phishing Prevention

Recent research by the Agari Cyber Intelligence Division finds that the retail industry is dead…

Person Looking at DMARC Protected Email

February 19, 2019 Fareed Bukhari

DMARC Adoption Up, But 85% of Fortune 500 Remains Vulnerable to Brand Hijacking

Adoption of Domain-based Message Authentication, Reporting, and Conformance (DMARC) has seen modest growth in recent…

Agari Blog Image

October 16, 2018 Fareed Bukhari

One Year Later: Federal Mandate for Email Authentication Huge Success

Responding to BOD 18-01, agencies rally to complete the fastest sector-wide adoption of DMARC One…

Agari Blog Image

October 16, 2018 Patrick Peterson

DMARC: A 12-Month Triumph for DHS—and the Nation

Today is the deadline set by the Department of Homeland Security for all executive branch…

mobile image