This is the second in a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment . Read the previous tip here . DomainKeys Identified Mail (DKIM) is the successor to Yahoo DomainKeys. Both share similarities, however DKIM has the additional aspects of Cisco's Identified Internet Mail standard (IIM). The enhancements to this standard gives more security...

This is the start of a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment. What does "PermError SPF Permanent Error: Too many DNS lookups" mean? There are several safeguards put in place with SPF . One of these is a limitation of DNS lookups to help ensure that you do not have timeout issues. SPF will evaluate only 10 DNS mechanism lookups in an...

This is the start of a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment. There are several safeguards put in place with SPF . One of these is a limitation of DNS lookups to help ensure that you do not have timeout issues. SPF will evaluate only 10 DNS mechanism lookups in an SPF record (mechanisms include: a, mx, ptr, exists, include, redirect)...

By Chris Meidinger When my colleague Erika commented that it's email's birthday month - RFC 821 was posted in August of 1982 - I figured we ought to say happy birthday here on the blog. I set about looking for a more specific date for the RFC's release than "August 1982" to figure out when the exact birthday is, and (of course) my first thought was "well, there must be a mailing list archive...

One of the great things about a conference like BlackHat is that it gives people like me the opportunity to take a step back, get out of the specific back alleyways of cybersecurity that we usually inhabit, and take a broader, more holistic look at attack and defense. One concept that's been talked about for a while is the Cyber Kill Chain. It takes a military-theoretical approach to network asset...

The Benefits of Monitor Mode When a technology exists that can tell you if and when your domains are being spoofed (and by who), why would you not use it?! What is DMARC? DMARC was created to address some fundamental problems with existing email authentication technologies (SPF and DKIM). It provides feedback about your email authentication implementation and gives ISPs (Google, Yahoo!, Microsoft...

By Tomki Camp, Director of Support & Services DomainKeys, or DK, was a signing technique implementation which contributed/evolved into DomainKeys Identified Mail, or DKIM . Since development efforts shifted into working on DKIM in 2004, there have been many improvements and far broader adoption of DKIM in email services. All new uses of email signing should use DKIM rather than DK, as the accepted...

Let’s say you have a very popular store. Your customers love receiving coupons and communications from you by email. Then a spammer sees your email address as a great opportunity to take someone’s personal information. They send an email claiming to be you, requesting updated credit card information from your customers. Now your customers are calling in, upset that their information was...

On April 4, Yahoo! took one giant step forward for email-kind when they requested all Internet email receivers to stop receiving mail purporting to be From: Yahoo!, that is not authentic. This is done with a “DMARC reject” policy. More recently Yahoo! explained their stance in a blog post . "And overnight, the bad guys who have used email spoofing to forge emails and launch phishing attempts...

In response to the article on PC World, Yahoo email anti-spoofing policy breaks mailing lists, we want to take the opportunity to comment on the benefits of DMARC and the important role it plays in securing companies and consumers. 2013 was a pivotal year for email security – multiple, high profile attacks that leveraged weaponized emails as an attack component finally highlighted to the world how...

Global DMARC coverage DMARC recently celebrated its 2nd year anniversary, and has grown rapidly to become the de facto standard in email authentication. It currently covers 2 billion consumer mailboxes in over 70+ countries and has been adopted by most of the global consumer mailbox providers. For the purposes of this article, ISPs are defined as Internet Service Provider that also offer consumer...

With fraud, phishing, and email-borne malware on the rise and with the risks to brands made evident by the recent attacks on Target and Nieman Marcus in 2013, it has never been more important to protect your email channel and prevent attackers from using your brand as a means of targeting consumers. Fortunately, there’s never been a better way to do it. Agari PRO is Agari’s next-generation...

So you’ve heard a lot about this new thing called DMARC, but don’t totally understand what to do? You are at the right place! After all, at Agari we are the DMARC guys. (Someone said this to me at a conference recently. I think it deserves a t-shirt. ☺) If you take a few minutes to read on, we will help you understand why you should publish your business’ first DMARC record. First, let’s cover a...

DMARC, which stands for Domain-based Message Authentication, Reporting, & Conformance, is a specification that defines how email can be authenticated by receivers and how they can report the authentication results back to the sender. The specification was published in 2012, and it is now celebrating its second year of having a positive effect in protecting consumer inboxes from spoofed email. To...

With the data breaches of 2013 bringing cybercrime into the spotlight, one thing has become astoundingly clear – cybercriminals are waging a war and are pulling into the lead. Email plays a key role in this war because email is the single easiest way for criminals to target an individual. Recent breaches have seen criminals sell off that personal information, such as email addresses, home...

For most people the holidays are the happiest time of the year, when you get to see family and friends, open gifts, and eat more food in one day than you eat during a typical week. But with the good comes the bad, such as the stress of travel and finding the perfect gift for that hard-to-please someone. Cybercriminals are well aware that people are stressed and busy in the months leading up to the...

"A 3 month analysis of the top US malicious email campaigns shows DMARC would have identified 90% of these malicious attacks" Over 20 months ago, industry titans including Paypal, Google, Microsoft, Yahoo!, AOL, and Facebook banded together to launch DMARC, a new approach to reducing email phishing/spamming. In the short period since, DMARC has deployed rapidly and now covers 80% of US consumers...

When it comes to the security of your business, you can never be too careful. We’ve talked about the precautions that consumers should take to keep their personal information secure and out of the hands of cyber criminals. Now let’s talk about what businesses need to keep in mind to keep their data and employees safe. Cybersecurity within a business is especially important for various reasons. To...

A report from RSA suggests that hacktivists are indirectly responsible for a portion of phishing attacks. "Hacktivism and the Case of Something Phishy" details how hacktivists are enabling phishing and other types of cybercrime by exposing various databases for their own agendas via a public download link. When this occurs, cybercriminals are quick to swoop in and pillage information including...

[caption id="attachment_3331" align="aligncenter" width="655"] Mathematician Zach Harris, 35, of Jupiter, Fl., poses for a portrait on Tuesday. Photo: Brynn Anderson/Wired[/caption] As you may have seen, either via the US-CERT alert or the story in Wired Magazine , a configuration error in DKIM signing implementations was publicized the week of October 22, 2012. This is NOT a weakness in the DKIM...