DMARC Email authentication protocol
WHITE PAPER
www.SproutIT.co.uk [email protected] +44 (0) 20 70368530 @Sprout_IT Sprout IT
ABOUT SPROUT IT
Sprout IT enable law firms & barristers’ chambers to achieve competitive advantage and peace of mind, through the innovative use of best-of-breed technology, focussed cyber security and resilience, award winning services, and passion for service excellence.
From Document Management Solutions and Fees/Diary software, to email archive, compliance, encryption and security, Sprout IT can plan, implement and support your entire infrastructure.
A self-service DMARC tool that makes securing emails easy
What is DMARC?
In 2011, several of the major global email providers came together in an attempt to put an end to phishing.
Although there were already two email security protocols in place at that time (Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM)), neither protocol effectively prevented phishing.
SPF - This protocol verifies emails which are sent from a valid IP address.
DKIM - This protocol verifies emails which have been signed by the domain they were sent from or on behalf of (by using encryption in the header of an email).
While these protocols had been accepted by the major global email providers, a secondary layer was required to block the phishing emails which were being identified by the protocols.
DMARC - In 2015, the Domain-based Messaging, Authentication and Reporting Conformance (DMARC) was ratified to report on these individual protocols, accurately validate emails and block phishing attacks.
Enforcement through an authentication policy
The delivery of emails is handled by DMARC by reference to one of the following three policies, which can be set by the use
p=none – this policy allows all emails to reach the receiver, regardless of whether they have been authorised
p=quarantine – this policy determines that emails which fail DMARC validation will be sent to the receiver’s junk/spam folder.
p=reject – this policy determines that all unauthorised emails are completely blocked.
How DMARC works
Email is sent
Verifies if the email is sent from an authorised sender
Verifies if the email has been signed by the same domain it was sent from
Authentication identifiers (one set from each check)
Aligns authentication identifiers
Email passes or fails authentication
The recipient receives secure email
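The three policies and the alignment step in the flow above, as an added example (not Sprout IT's or OnDMARC's code). It assumes relaxed alignment, ignores the pct and sp tags, and approximates the organisational domain as the last two labels; all records and messages are constructed.

```python
# Added example: simplified DMARC evaluation (relaxed alignment; pct/sp tags ignored).

def parse_dmarc(txt):
    """Parse a DMARC TXT record into a tag dict; None if it is not a usable record."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        return None
    return tags

def org_domain(domain):
    """Assumption: organisational domain = last two labels. Real receivers
    consult the Public Suffix List (needed for suffixes such as .co.uk)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain):
    """Relaxed alignment: same organisational domain as the From: header."""
    return org_domain(auth_domain) == org_domain(from_domain)

def evaluate(record, from_domain, spf, dkim):
    """spf and dkim are (result, authenticated_domain) pairs.
    Returns (dmarc_result, disposition)."""
    policy = parse_dmarc(record)
    if policy is None:
        return ("none", "deliver")  # no DMARC record: receiver has no policy to apply
    spf_ok = spf[0] == "pass" and aligned(spf[1], from_domain)
    dkim_ok = dkim[0] == "pass" and aligned(dkim[1], from_domain)
    if spf_ok or dkim_ok:
        return ("pass", "deliver")
    action = {"none": "deliver", "quarantine": "junk", "reject": "reject"}
    return ("fail", action[policy["p"]])

# Constructed sample messages, all claiming From: example.com.
REJECT = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"
SAMPLES = [
    ("legitimate, DKIM-signed", REJECT, ("fail", "relay.example.net"), ("pass", "example.com")),
    ("unaligned sender, p=reject", REJECT, ("pass", "example.net"), ("pass", "example.net")),
    ("same, p=quarantine", "v=DMARC1; p=quarantine", ("pass", "example.net"), ("none", "")),
    ("same, p=none", "v=DMARC1; p=none", ("pass", "example.net"), ("none", "")),
]

if __name__ == "__main__":
    for label, record, spf, dkim in SAMPLES:
        print(label, "->", evaluate(record, "example.com", spf, dkim))
```

The second sample passes both SPF and DKIM for its own domain yet fails DMARC, because neither authenticated domain aligns with the From: domain.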
Which organisations are already using DMARC?
Adobe, Amazon, AOL, CNN, Dropbox, Facebook, Google, Instagram, Microsoft, PayPal, Pinterest, Twitter, Verizon, Yahoo, YouTube
DMARC has been widely adopted by most email receivers (including Google, Yahoo and Microsoft), which means that most consumer inboxes are already protected. DMARC already protects 85% of consumer US inboxes and approximately 70% of consumer inboxes worldwide from phishing emails, provided that the organization being impersonated in a phishing email has a published DMARC record.
DMARC provides reports to users showing most, if not all, emails that purport to come from a user’s domain, not just those that cross the organization’s network boundary. This contrasts with traditional cyber security gateway appliances, which only pick up phishing emails that cross the network boundary.
Without DMARC, organisations are therefore not getting a complete picture of the number and scale of attacks against them.
Organisations that are subject to regular email spoofing suffer considerable reputational damage. Phishing scams often attract negative press, with liability often attributed to the organization which has been impersonated.
Organisations that fail to take the necessary precautions to prevent email spoofing are likely to be considered less trustworthy. Customers may not trust emails which purport to come from such organisations and may be deterred from using email to communicate with them. This can impact on those organisations’ ability to communicate effectively with their customers.
Making the case for DMARC
You can check your organisation’s current DMARC set up at www.ondmarc.com, which will provide clear information on the status of DMARC, SPF and DKIM. The site will also indicate whether your inbox and DNS are compatible.
Complete visibility
DMARC provides reports to users showing most, if not all, emails that purport to come from a user’s domain, not just those that cross the organization’s network boundary. This contrasts with traditional cyber security gateway appliances, which only pick up phishing emails that cross the network boundary. Without DMARC, organizations are therefore not getting a complete picture of the number and scale of attacks against them.
[Figure, two panels. Left panel: Hackers send email phishing attacks to your firm. Various cyber security solutions filter inbound email. Right panel: Hackers can impersonate your email address (your-name@yourfirm.com) and send phishing attacks inside and outside your firm (clients, suppliers, your firm). OnDMARC stops impersonation of your email address globally.]
OnDMARC is a self-service DMARC tool that makes securing emails easy
Sprout IT's new technology partner, OnDMARC, is a cloud-based application that enables organisations to quickly configure SPF, DKIM and DMARC for all their legitimate email sources and instantly blocks any email impersonation based phishing attacks.
OnDMARC is an easy and intuitive way to deploy and maintain DMARC protection across your domains. By analyzing the dense and complex DMARC reports OnDMARC not only gives you insight into what’s happening across your domains but also what to do about it.
OnDMARC’s Dynamic SPF allows you to use only 1 SPF lookup that connects to our system, where you will have unlimited lookups. Not only is this much simpler to manage but it prevents your au the lookup limit of 10 and have your authorized traffic failing SPF authentication.
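The SPF lookup limit of 10 mentioned above, as an added example (not OnDMARC's or Sprout IT's code, and not a model of Dynamic SPF). It counts the DNS-querying terms an SPF record pulls in through nested includes; the ZONE dictionary and every domain name in it are constructed stand-ins for live DNS.

```python
# Added example: count the DNS-querying terms SPF evaluation would trigger
# (RFC 7208 section 4.6.4 caps them at 10). ZONE is constructed sample data
# standing in for live DNS TXT lookups; all names are hypothetical.
ZONE = {
    "example.com": "v=spf1 mx include:_spf.mailer.test include:_spf.crm.test "
                   "include:_spf.helpdesk.test -all",
    "_spf.mailer.test": "v=spf1 include:_a.mailer.test include:_b.mailer.test "
                        "include:_c.mailer.test ~all",
    "_a.mailer.test": "v=spf1 ip4:192.0.2.0/26 ~all",
    "_b.mailer.test": "v=spf1 ip4:192.0.2.64/26 ~all",
    "_c.mailer.test": "v=spf1 ip4:192.0.2.128/26 ~all",
    "_spf.crm.test": "v=spf1 a mx include:_net.crm.test ~all",
    "_net.crm.test": "v=spf1 ip4:198.51.100.0/24 ~all",
    "_spf.helpdesk.test": "v=spf1 exists:%{i}._ok.helpdesk.test redirect=_all.helpdesk.test",
    "_all.helpdesk.test": "v=spf1 ip4:203.0.113.0/24 -all",
    "example.org": "v=spf1 include:_flat.hosted.test -all",
    "_flat.hosted.test": "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.0/24 -all",
}
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists")
SPF_LOOKUP_LIMIT = 10

def count_lookups(domain, zone, path=()):
    """Count lookup-triggering terms reachable from domain's SPF record."""
    if domain in path:  # include/redirect loop: stop descending
        return 0
    total = 0
    for term in zone.get(domain, "").split()[1:]:  # skip the v=spf1 tag
        term = term.lstrip("+-~?")
        if term.lower().startswith("redirect="):
            total += 1 + count_lookups(term.split("=", 1)[1], zone, path + (domain,))
            continue
        name, _, target = term.partition(":")
        mechanism = name.split("/")[0].lower()
        if mechanism in LOOKUP_TERMS:
            total += 1
            if mechanism == "include":
                total += count_lookups(target, zone, path + (domain,))
    return total

def over_limit(domain, zone):
    """True when a receiver would return permerror for too many lookups."""
    return count_lookups(domain, zone) > SPF_LOOKUP_LIMIT
```

Here example.com reaches 12 lookups through three third-party includes and is over the limit, while example.org, with one include resolving to a flat list of ip4 ranges, uses 1.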
The three steps to securing your domain with OnDMARC are:
Insight - Your email configuration remains the same and we monitor your email traffic for you so you can easily identify authentic and phishing sources sending using your domain.
Action - You are given bespoke actions to configure SPF and DKIM for your authorised email sources.
Protection - Once you have properly configured SPF and DKIM and have no authorised traffic failing authentication for 7 days, OnDMARC will provide you with your DMARC reject policy to block all unauthorized senders from sending on your behalf. OnDMARC will continue to monitor your domain and alert you when changes need to be made.
How does OnDMARC Work?
[Flow diagram labels: You send an email. Checks DMARC, SPF and DKIM records. Sender's organisation's DNS server. Spam. Rejected. OnDMARC reports unauthorised sender and suggests actions.]
Get OnDMARC from Sprout IT
Sprout IT is a key channel partner for OnDMARC. Get in touch with us to discuss the best possible OnDMARC implementation option for your business. Call us on +44 (0) 20 7036 8530 and choose Options: 2 or email us here.