Thom Heemstra's blog


DMARC and the Forged Emails Dilemma

3rd February 2017 by thom

You might have noticed that many top-level websites are spamming your inbox. What is it? It might have taken you by surprise. According to recent research, lax security standards are allowing email spoofing from the most-visited domains. Authentication systems are trying to resolve these issues, but many of the top websites fall short in their use of authentication. This failure further opens the door to “forged emails”. To date, DMARC is the most advanced and greatest email authentication system for dealing with such issues.

What is DMARC?

DMARC stands for “Domain-based Message Authentication, Reporting & Conformance”. It is an email authentication protocol. It ensures that legitimate emails are properly authenticated against the established DKIM and SPF standards, on which it is built. The protocol has a reporting function for forged emails that allows the sender and the receiver to improve the domain's protection. DMARC has two key values: domain alignment and reporting.

How Does It Work?

In non-technical terms, DMARC is a system that prevents email spoofing. Its alignment feature works very well to match the right things, such as the “header from” domain name with the “envelope from” domain name according to SPF standards. DMARC handles all the guesswork and limits or eliminates the user’s exposure to forged emails through blocking and quarantine. The policy also enables a receiver to report any forged email back to the sender.

What Is It Used For?

DMARC has many great uses for its consumers. It helps end users by working with their mailbox providers such as Hotmail, Gmail and Yahoo. As a result, users enjoy a spam-free inbox, since DMARC keeps all the spam and phishing messages from reaching it.

All this happens behind the scenes, and it seems to work like a conventional spam filtering system in which users see fewer forged emails and spam messages. However, the DMARC group plans to make the whole process visible to end users in the future; at present it is all about establishing the standard and gaining experience to allow mainstream adoption.

Moreover, DMARC is specifically designed to work with an organization’s existing inbound email authentication system. It helps email receivers determine whether a received message is aligned with what the receiver knows about the sender. If it is not, DMARC includes clear guidance on how to handle the non-aligned or forged emails (QUARANTINED, BLOCKED, etc.).
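The alignment check and the quarantine/block handling described above, shown as an added example that is not code from the original post: a simplified Python evaluator that takes the SPF and DKIM results as given. The domains and the sample record are constructed, and the two-label organizational-domain shortcut is an assumption (real receivers use the Public Suffix List).

```python
# Added illustration of DMARC alignment and policy handling (RFC 7489 tags).
# All domains and the sample record below are constructed.

def parse_dmarc(txt):
    """Parse a DMARC TXT record such as 'v=DMARC1; p=reject' into a dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        return None  # not a usable DMARC record
    return tags

def org_domain(domain):
    # Simplification (assumption): last two labels. Real receivers use the
    # Public Suffix List, so this is wrong for suffixes such as co.uk.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, header_from, mode):
    """mode 's' = strict (exact match), 'r' = relaxed (same organizational domain)."""
    a, h = auth_domain.lower().rstrip("."), header_from.lower().rstrip(".")
    return a == h if mode == "s" else org_domain(a) == org_domain(h)

def evaluate(record, header_from, spf_pass, envelope_from, dkim_pass, dkim_d):
    """Return 'pass', or the action the domain owner's policy requests."""
    policy = parse_dmarc(record)
    if policy is None:
        return "no-policy"
    spf_ok = spf_pass and aligned(envelope_from, header_from, policy.get("aspf", "r"))
    dkim_ok = dkim_pass and aligned(dkim_d, header_from, policy.get("adkim", "r"))
    # DMARC passes if either mechanism both passes and aligns.
    return "pass" if (spf_ok or dkim_ok) else policy["p"]

RECORD = "v=DMARC1; p=quarantine; aspf=s; adkim=r; rua=mailto:dmarc@example.com"

if __name__ == "__main__":
    # Legitimate mail relayed by a third party: SPF domain differs, DKIM aligns.
    print(evaluate(RECORD, "example.com", True, "bounce.mailer.test", True, "mail.example.com"))
    # Forged mail: SPF passes for an unrelated domain, but nothing aligns.
    print(evaluate(RECORD, "example.com", True, "spoofer.test", False, ""))
```

The second case shows why alignment matters: SPF alone passes for the unrelated envelope domain, yet the message still falls under the domain owner's quarantine policy.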

Why Should You Use DMARC?

The protocol has great significance for you, especially if you have any third-party email systems sending messages on your behalf. You will need to set these systems up with authentication; otherwise you risk having your mail treated as forged or as a phishing attempt, so it will not reach your intended audience. Using DMARC authentication in this regard will provide great benefit to your organization or business.

Remember, DMARC is the right (first) step to curb the forged email dilemma, especially at the ISP level, where you can’t see who may be spoofing your domain. Your views and suggestions are highly welcome in the comments section below. Let me know: what is your experience with DMARC?

 

