Why do you need DMARC to protect your email domains from being leveraged in phishing attacks? To get the full picture, let's look at the basics—and how DMARC came to be.
This post originally appeared on the Armadillo Blog and has been lightly edited for clarity.
Most organisations have been successful in blocking malicious emails targeted at their employees, at least to some extent. Various on-premise and cloud providers exist to take care of anti-spam, anti-virus, reputation scores, and advanced features such as sandboxing of executables.
DMARC builds on two earlier email authentication standards: SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
As we mentioned in the first post of this series, with the arrival of ARC, one of the biggest blockers to DMARC adoption up to now has been the inability to use it with mailing lists or forwarders.
Agari has been working diligently to stop the abuse of email since its founding in 2009. By driving increased adoption of DMARC email authentication, Agari (and the industry as a whole) has made it much harder for criminals and other bad actors to forge email identity.
With the surge of phishing and other advanced email attacks, you can’t be too careful when it comes to your inbound email messages. Beyond viewing the basic information provided, you should make it a habit of viewing and understanding your emails' full headers.
Series Introduction l Internal Infrastructure l Third Party Senders
John Wilson, Director, Sales Engineering
John Wilson, Director, Sales Engineering
Before the excitement that is creating a new SPF record, there are a few steps you should take in order to organize the information you will need to be successful.
Here is your “grocery” list of information you should know about your sending outgoing mail traffic:
- web server
- in-office mail server (e.g., Microsoft Exchange)
- your ISP's mail server
- mail server of your end users' home ISP
- any other mail server
This is the second in a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment . Read the previous tip here.
What are the differences between DomainKeys (DK) and DKIM?