Email Security Blog

Secondary Benefits of DMARC-derived Infrastructure Intelligence

Agari June 19, 2014 DMARC
Fallback Featured Image

By Thede Loder, Principal of Data Services

One of the design goals of DMARC was to provide a way for domain owners to gain additional visibility into their email sending infrastructure.  Specifically, which systems are sending email using their domains in email messages’ from header fields, with what authentication outcomes (SPF, DKIM), and which ISP is receiving the messages. This visibility is included within DMARC and is considered essential to its success as it facilitates planning and rollout of DMARC-related infrastructure upgrades and configurations. In addition, and just as importantly, it enables ongoing monitoring of sending systems to ensure continued compliance.

As is often the case with good designs, where a solution for one problem addresses others “by accident”, the new visibility created by DMARC is useful for other things beyond its primary intended use. For example, DMARC reporting can provide you with an inventory of all your systems that send email for a domain, including the IP addresses of each system and the volume of messages it sends. This is useful for planning and scoping in lots of contexts; do you have a cross-company system consolidation in the works, broad rebranding updates, or network infrastructure changes ahead? The sending system inventory lets you size your projects and build your checklists.

Here are two other examples:

  • Independently validate your reach. Since all of the largest ISPs in the US implement the basic data reporting DMARC specifies (representing more than 85% of US consumer inboxes), you can quickly get a picture of where your email is going when this information is aggregated.

  • Vendor Management. Are you using twelve Email Service Providers (or Marketing Service Providers) when you could be using five and saving? Do you have a rogue product group using an MSP that is not approved or compliant with other company-wide requirements? DMARC reporting can help you discover and view your supplier map in a central location.

So, even if you do not plan to go all the way with your DMARC deployment, by setting the policy for your domains to “reject” (required if you wish to prevent abuse), you can still benefit from the enhanced visibility provided by DMARC monitoring. Fortunately, it’s pretty simple to setup a DMARC record – and Agari can present the results to you in a meaningful way. You can get started for free by using our DMARC builder.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

April 17, 2019 Fareed Bukhari

The Time is Now: Underscoring the Importance of DMARC for State and Local Governments

Scammers know that impersonating a trusted government agency is an extremely effective way to trick…

Agari Blog Image

February 26, 2019 Armen Najarian

Retail Trails Other Sectors in Adopting DMARC for Phishing Prevention

Recent research by the Agari Cyber Intelligence Division finds that the retail industry is dead…

Person Looking at DMARC Protected Email

February 19, 2019 Fareed Bukhari

DMARC Adoption Up, But 85% of Fortune 500 Remains Vulnerable to Brand Hijacking

Adoption of Domain-based Message Authentication, Reporting, and Conformance (DMARC) has seen modest growth in recent…

Agari Blog Image

October 16, 2018 Fareed Bukhari

One Year Later: Federal Mandate for Email Authentication Huge Success

Responding to BOD 18-01, agencies rally to complete the fastest sector-wide adoption of DMARC One…

Agari Blog Image

October 16, 2018 Patrick Peterson

DMARC: A 12-Month Triumph for DHS—and the Nation

Today is the deadline set by the Department of Homeland Security for all executive branch…

mobile image