01732 759725 22 CVR sTY Tell us about your domain checker. For those who don’t know, what is DMARC and why does it matter? What insights can users gain from it? How does DMARC work? How does DMARC work? It’s a completely free service developed by Sendmarc. We’re trying to raise awareness of DMARC as an urgent security need and an opportunity for channel businesses. DMARC affects all businesses, so the channel has to be aware of this. It is a massive security issue and a chance to add a new revenue stream. DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email security protocol that matters for two main reasons: email deliverability and security. Without any DMARC policy, there’s a risk that legitimate emails will end up in spam. And if it’s not managed correctly, it’s incredibly easy for attackers to impersonate that domain in phishing attacks. It will tell them very quickly how easily attackers could impersonate their email, complete with a domain health score and explanation of how to improve it. DMARC combines two other email protocols: SPF and DKIM. SPF, DKIM and DMARC are all published in your DNS. They’re used to validate emails in the following ways: There are three DMARC policies: The rise of DMARC: why Sendmarc is taking the channel by storm An interview with Angus Shaw, Director of Brigantia Should people set their DMARC to p=reject straight away? How does it affect email deliverability? No. You need a monitoring period to ensure you have all the SPF and DKIM records you need included in the DNS and properly configured. You probably use many different platforms to send emails from your domain (marketing, billing, accounting, etc.), and you need to ensure that they are reflected in your SPF and DKIM records. If you go straight to p=reject, you risk having lots of legitimate emails rejected. The ultimate goal is p=reject, but getting there takes a managed process. Major email clients are trying to crack down on spam and phishing. As part of this, Google and Yahoo announced plans to require all bulk email senders to have a DMARC policy. Otherwise, they would go straight into junk. Other email clients will likely follow Google’s lead. And if more than 0.3% of your emails go to spam, you risk account bans. They currently define bulk senders (whom these policies target) as domains that send over 5,000 messages per day. However they may lower that threshold, and in the meantime, email platforms like HubSpot and Mailchimp are forcing all users to create a DMARC policy. SPF (Sender Policy Framework) tells recipient mail servers which servers your emails are sent from. It’s a way of checking that an email started from a legitimate source. DKIM (DomainKeys Identified Mail) attaches an encrypted signature to legitimate emails. It prevents them from being intercepted and tampered with in transit. DMARC tells recipient servers what to do with emails that fail SPF and DKIM. p=none: this tells recipient mail servers to allow all emails from the domain even if they fail SPF and DKIM, and a report will be generated. p=quarantine: with this policy, emails that fail SPF and DKIM will go to quarantine/junk, and the domain owner will be notified. p=reject: this is the most secure DMARC policy. It tells recipients to reject emails that fail SPF and DKIM.
RkJQdWJsaXNoZXIy NDUxNDM=