Email Security Blog


Mike Jones March 4, 2014 DMARC

So you’ve heard a lot about this new thing called DMARC, but don’t totally understand what to do? You are in the right place! After all, at Agari we are the DMARC guys. (Someone said this to me at a conference recently. I think it deserves a t-shirt. ☺) If you take a few minutes to read on, we will help you understand why you should publish your business’s first DMARC record.

First, let’s cover a couple of basics. DMARC is a specification developed by some of the world’s largest email senders and receivers who got together to form a group called It is designed to help stop bad guys from spoofing a real business’ domains and tricking users into giving up personal information, a.k.a phishing. Check out some of the data on the site that shows how awesome the adoption of DMARC and the effectiveness of DMARC have been in its first two years.

If what you already know about DMARC has you interested, but not convinced, then let’s look at why you should publish a DMARC record.

1) It’s easy and safe to get started! A DMARC record is a one-line TXT record in the DNS for your domain. Here is what a simple DMARC record might look like for your domain.

v=DMARC1; p=none; fo=1;;

Start with a policy that allows you to monitor your email with no danger of blocking real email. In the example above, the “p=none” means that email receivers will take no action but will only monitor and report on your email.

You don’t even need to do anything special with SPF or DKIM to start out. The DMARC data you receive can be your guide to getting SPF and DKIM implementations right. The data will be sent to the email address(es) that you specify after “rua=mailto:” in the example record above.
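A check you can run on a record before publishing it, as an added example that is not Agari's code. The record as printed above carries no `rua=` tag, so the check flags it; the `example.com` address is a constructed placeholder.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}

# The record exactly as it appears on this page.
PAGE_RECORD = "v=DMARC1; p=none; fo=1;;"
# Constructed monitor-mode record; the report address is a placeholder.
WITH_RUA = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"

def parse_dmarc(txt):
    """Return the record's tags in order as (name, value) pairs.
    Empty segments, such as the one left by a stray ';;', are skipped."""
    tags = []
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, value = part.partition("=")
        if not sep or not name.strip():
            raise ValueError(f"malformed tag: {part!r}")
        tags.append((name.strip(), value.strip()))
    return tags

def lint_dmarc(txt):
    """List problems that would keep a monitor-mode record from yielding reports."""
    tags = parse_dmarc(txt)
    d = dict(tags)
    findings = []
    if not tags or tags[0] != ("v", "DMARC1"):
        findings.append("record must begin with v=DMARC1")
    if d.get("p", "").lower() not in VALID_POLICIES:
        findings.append("p must be none, quarantine or reject")
    uris = [u.strip() for u in d.get("rua", "").split(",") if u.strip()]
    if not uris:
        findings.append("no rua: receivers have nowhere to send aggregate reports")
    for u in uris:
        if not u.lower().startswith("mailto:") or "@" not in u:
            findings.append(f"rua target is not a mailto: address: {u}")
    # RFC 7489: the fo tag is ignored when no ruf tag is present.
    if "fo" in d and "ruf" not in d:
        findings.append("fo is ignored unless ruf is also present")
    return findings
```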

2) There are tools available to help you understand what it all means. The data you receive after publishing a DMARC record can be intimidating or even incomprehensible. Get help! Your business is probably not about being an email authentication expert, but others are.

The Agari PRO service will collect, normalize, and aggregate your DMARC data from all DMARC reporters. You can access your DMARC data in an intuitive web application. No need for you to learn about parsing and analyzing the ugly XML data files that would otherwise pummel you daily from DMARC receivers. Learn more about Agari PRO and start a free trial.

3) You will learn something about your own email. Most businesses, large and small, have legitimate email sent on their behalf from many sources. Employee email, marketing campaigns, newsletters, surveys, receipts, shipping notices, other transaction notices, payroll, recruiting email, and other HR-related notices are all common sources of email for an organization of any size.

How many of these types of email does your business send? What email servers do they all come from? Do you even know what company sends them? Often specific types of email are outsourced to third-party senders that you don’t even know about.

DMARC can help put these puzzle pieces together for you and allow you to see the whole picture.

4) You will learn something about who is trying to spoof you. How many messages spoofing your domain were sent yesterday? How many are there on an average day? How would you even know? You can monitor an abuse address for complaints, but how many recipients of spoof actually complain? How many even know it was a spoof and not really from you?

Time and again we have seen new customers who are shocked by the amount of spoofing of their domains after turning on DMARC and seeing the data. Check out this quote from Twitter in the latest press release:

“DMARC was eye-opening for our security team at Twitter,” said Josh Aberant, Postmaster at Twitter. “We found massive amounts of abuse from both our domains and look alike domains we’d claimed. Using DMARC to protect these domains and stop forgeries is a core component of how we protect our users.”

5) Adopt an emerging best practice in data security. Email phishing attacks are the most common entry vector for data breaches. You know the breach that is most recently on everyone’s mind? Target, of course. It turns out a phishing attack led to the hackers obtaining the credentials necessary to pull off the data breach.

Don’t leave your business vulnerable. Publishing your first DMARC record is a start. Protect your business and demand that your partners protect theirs as well.

6) Protect your customers from harm and build trust in your brand. Your customers are your business, right? DMARC is public, broadly implemented, and proven successful where implemented. Your customers deserve this from you!

I hope we have convinced you to take the plunge with DMARC. There’s really nothing to lose from trying it out. You’ll certainly learn something, you’ll probably be scared, and you’ll likely want to continue on to the next steps of securing your brand.
