Guest article:
In 2017, he founded Oppidum Security, which helps companies secure their cloud and email communications.
He offers us this essential piece on securing your organization’s electronic communications.
Block email spoofing and increase email deliverability!
“91% of attacks (spam, phishing, scamming, ransomware, etc.) start with the receipt of an email.”
“73% of millennials prefer company communications to be executed via email.”
- Is it acceptable for “anyone” to be able to send emails with your organization’s email addresses?
What is DMARC?
Wikipedia provides us with a definition of the protocol.
DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance, is a technical specification created by a group of organizations that want to help reduce email misuse, such as spam and phishing, by providing a solution for deploying and monitoring email authentication.
Here are 7 good reasons why you should deploy DMARC to protect your domain names.
- For incoming emails. DMARC protects against the risks associated with the spoofing of your own email addresses, for example in “CEO fraud”: a receiving mail server, including your own, can quarantine or reject messages that claim to come from your domain but fail authentication;
- For outgoing emails. Here it is a question of protecting your brand image, i.e. preventing your addresses from being used to attack your customers, business partners, etc. This is especially important in a B2C relationship;
- Better deliverability of your emails. Implementing DMARC in “blocking” mode decreases the chances of your emails being labeled as spam.
Google (Gmail) was one of the organizations that created DMARC, and Gmail’s anti-spam filtering takes authentication results into account in its so-called “Spam Score”. In addition, Gmail is by far the most popular email service on the international market (50% in North America).
- Reduces the risk of your domain name being blacklisted by anti-spam.
If you use email marketing platforms such as “MailChimp” or “Mailjet”, and your contact lists are not compliant, you run the risk that your domain will one day be blacklisted and that your recipients’ anti-spam filters will no longer accept any of your emails. DMARC significantly reduces this risk.
- Better visibility of your brand with the BIMI protocol (Gmail pilot started in July 2020).
- You will be notified in the event of an attempt to spoof your email addresses. Implementing DMARC professionally involves using a tool to analyze your DMARC reports. This analysis will highlight attempts to spoof your email addresses.
- Your IT department will have a better understanding of its email flows: Which systems issue emails on behalf of your organization?
In 2021, the answer to this question is not necessarily obvious. With just a browser and a credit card, any employee in your company can subscribe to new SaaS services and start using them.
This is especially important for organizations that have subsidiaries, multiple brands, multiple domain names.
Understanding the issues
To configure DMARC in block mode (quarantine/reject), it is first necessary to authenticate all email flows in your organization with SPF and/or DKIM. Passing SPF or DKIM is not enough on its own: DMARC also requires the authenticated domain to be aligned with the domain in the visible From: header, and this alignment is the check that third-party senders (marketing platforms, SaaS tools) most often fail.
This can be easy if your organization is small, with few email sending systems. For example, an accounting firm, with 10 or 20 computers, that uses O365 or Google Workspace, should be able to do this without too much difficulty.
On the other hand, the deployment of DMARC in large companies requires good organization because in this case the implementation of DMARC does not only involve the IT department but possibly human resources, customer service, marketing department, accounting and sometimes even, suppliers and subcontractors.
In any case, DMARC report analysis, with an analysis tool, helps identify all systems and applications sending emails with your domain names.
DMARC reports are sent to the email address designated in a DMARC record, which is published as a TXT record at _dmarc.yourdomain and initially configured in “p=none” (monitoring) mode. If the reporting address belongs to a different domain than the one publishing the record, that domain must publish an authorization record of the form yourdomain._report._dmarc.reportingdomain TXT "v=DMARC1", otherwise receivers will not send the reports there.
v=DMARC1; p=none; rua=mailto:votresociete@dr.dmarc.fr; ruf=mailto:votresociete@dr.dmarc.fr; fo=1;
These aggregate reports (rua), delivered as XML files (usually as compressed attachments), contain a lot of technical information (hostname, IP, SPF/DKIM results, message counts) about all the sources that send emails with your domain names. Forensic reports (ruf) contain samples of individual failing messages, but few large providers send them.
A DMARC report analysis solution such as dmarc.fr can analyze millions of reports and identify legitimate and non-legitimate sender sources to move on to the authentication step of legitimate sources.
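As an added example of what such an analysis does with a single report (this is not code from the article or from dmarc.fr), the following Python parses a constructed aggregate report for the placeholder domain votresociete.example, separates the aligned verdict in <policy_evaluated> from the raw results in <auth_results>, and labels each source as aligned, misaligned (a legitimate third party that still needs SPF/DKIM alignment) or unauthenticated. It also totals the volume a p=reject policy would have blocked, which is the number to watch before leaving p=none.

```python
"""Parse a DMARC aggregate (rua) report and classify each sending source.

Added example, not code from the original article or from dmarc.fr.
SAMPLE_REPORT is a constructed XML in the RFC 7489 aggregate-report schema;
the domain votresociete.example and all IP addresses are placeholders.
"""
import xml.etree.ElementTree as ET

SAMPLE_REPORT = """<feedback>
  <report_metadata>
    <org_name>receiver.example</org_name><report_id>2021-01-01-votresociete</report_id>
    <date_range><begin>1609459200</begin><end>1609545599</end></date_range>
  </report_metadata>
  <policy_published>
    <domain>votresociete.example</domain><adkim>r</adkim><aspf>r</aspf><p>none</p><pct>100</pct>
  </policy_published>
  <!-- corporate mail server: SPF and DKIM both pass and are aligned -->
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>120</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>votresociete.example</header_from></identifiers>
    <auth_results>
      <dkim><domain>votresociete.example</domain><result>pass</result></dkim>
      <spf><domain>votresociete.example</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <!-- marketing platform: authenticates, but only for its own domain (not aligned) -->
  <record>
    <row><source_ip>203.0.113.25</source_ip><count>40</count>
      <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>votresociete.example</header_from></identifiers>
    <auth_results>
      <dkim><domain>esp.example</domain><result>pass</result></dkim>
      <spf><domain>bounce.esp.example</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <!-- unknown host spoofing the From: domain: nothing passes -->
  <record>
    <row><source_ip>198.51.100.77</source_ip><count>300</count>
      <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>votresociete.example</header_from></identifiers>
    <auth_results><spf><domain>votresociete.example</domain><result>fail</result></spf></auth_results>
  </record>
</feedback>
"""


def parse_aggregate_report(xml_text):
    """Return one dict per <record>: who sent, how much, and whether DMARC passed."""
    root = ET.fromstring(xml_text)
    records = []
    for rec in root.findall("record"):
        # <policy_evaluated> carries the *aligned* SPF/DKIM verdicts DMARC judges on;
        # <auth_results> carries the raw results, including passes for other domains.
        evaluated = rec.find("row/policy_evaluated")
        raw_passes = [(auth.tag, auth.findtext("domain"))
                      for auth in rec.find("auth_results")
                      if auth.findtext("result") == "pass"]
        records.append({
            "source_ip": rec.findtext("row/source_ip"),
            "count": int(rec.findtext("row/count")),
            "header_from": rec.findtext("identifiers/header_from"),
            "dmarc_pass": "pass" in (evaluated.findtext("dkim"), evaluated.findtext("spf")),
            "raw_passes": raw_passes,
        })
    return records


def classify(record):
    """Label a source the way an analyst would before moving to p=quarantine/reject."""
    if record["dmarc_pass"]:
        return "aligned"          # authenticated for the From: domain itself
    if record["raw_passes"]:
        return "misaligned"       # authenticates, but for another domain: usually a SaaS
                                  # sender to add to SPF or to sign with your DKIM key
    return "unauthenticated"      # nothing passes: spoofing, or a host nobody told IT about


def summarize(records):
    """Per-source pass/fail volumes plus what a p=reject policy would have blocked."""
    sources, would_block = {}, 0
    for r in records:
        src = sources.setdefault(r["source_ip"], {"passed": 0, "failed": 0, "verdicts": set()})
        src["passed" if r["dmarc_pass"] else "failed"] += r["count"]
        src["verdicts"].add(classify(r))
        if not r["dmarc_pass"]:
            would_block += r["count"]
    return {"sources": sources, "would_block": would_block}


if __name__ == "__main__":
    summary = summarize(parse_aggregate_report(SAMPLE_REPORT))
    for ip, src in summary["sources"].items():
        print(f"{ip:>15}  passed={src['passed']:<4} failed={src['failed']:<4} "
              + ",".join(sorted(src["verdicts"])))
    print("p=reject would have blocked", summary["would_block"], "messages")
```

A real analysis tool does the same over millions of reports and adds reverse DNS and a list of known providers to name the sources; the "misaligned" bucket is the work list for the authentication step, and the "unauthenticated" bucket is what block mode will stop.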
The goal is to implement the DMARC protocol in “blocking” mode, with one of these records:
v=DMARC1; p=quarantine; rua=mailto:votresociete@dr.dmarc.fr; ruf=mailto:votresociete@dr.dmarc.fr; fo=1;
v=DMARC1; p=reject; rua=mailto:votresociete@dr.dmarc.fr; ruf=mailto:votresociete@dr.dmarc.fr; fo=1;
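Before publishing one of these records it is worth linting it. The Python below is an added example, not code from the article or from dmarc.fr: it parses a record into its tags, flags p=none as monitoring-only, and, going a little beyond the tags shown above, also warns about a pct below 100, an sp=none subdomain policy, and report addresses on another domain, which per RFC 7489 must publish an authorization TXT record before receivers will send reports there. The domain votresociete.example is a placeholder, and the external-destination check is a simplified string comparison rather than a full organizational-domain lookup.

```python
"""Lint a DMARC TXT record before publishing it at _dmarc.<domain>.

Added example, not code from the original article or from dmarc.fr.
Tag semantics follow RFC 7489; votresociete.example is a placeholder domain,
and the external-destination check is a simplified suffix comparison.
"""


def parse_dmarc_record(txt):
    """Split 'v=DMARC1; p=none; rua=...' into a dict keyed by lower-cased tag name."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags


def report_destinations(tags, tag):
    """Domains named in the rua= or ruf= mailto: URIs (other URI schemes are ignored)."""
    domains = []
    for uri in tags.get(tag, "").split(","):
        uri = uri.strip()
        if uri.lower().startswith("mailto:") and "@" in uri:
            domains.append(uri.split("@", 1)[1].lower())
    return domains


def lint_dmarc_record(domain, txt):
    """Return human-readable findings; an empty list means the record is ready for enforcement."""
    tags = parse_dmarc_record(txt)
    if tags.get("v") != "DMARC1" or "p" not in tags:
        return ["invalid: the record must begin with v=DMARC1 and carry a p= tag"]
    findings = []
    policy = tags["p"].lower()
    if policy == "none":
        findings.append("p=none is monitoring only: reports are collected but nothing is blocked")
    elif policy not in ("quarantine", "reject"):
        findings.append(f"invalid policy p={policy}")
    if "rua" not in tags:
        findings.append("no rua= tag: you will receive no aggregate reports")
    pct = int(tags.get("pct", "100"))
    if pct < 100:
        findings.append(f"pct={pct}: the policy is applied to only {pct}% of failing mail")
    # sp= defaults to p=; an explicit sp=none silently leaves subdomains spoofable.
    if tags.get("sp", policy).lower() == "none" and policy != "none":
        findings.append("sp=none leaves subdomains unprotected while the apex domain blocks")
    domain = domain.lower()
    for tag in ("rua", "ruf"):
        for dest in report_destinations(tags, tag):
            if dest != domain and not dest.endswith("." + domain):
                findings.append(
                    f"{tag} reports go to {dest}: that domain must publish "
                    f'{domain}._report._dmarc.{dest} TXT "v=DMARC1" or receivers will not send them')
    return findings


if __name__ == "__main__":
    for record in (
        "v=DMARC1; p=none; rua=mailto:votresociete@dr.dmarc.fr; ruf=mailto:votresociete@dr.dmarc.fr; fo=1;",
        "v=DMARC1; p=reject; rua=mailto:dmarc@votresociete.example",
    ):
        print(record)
        for finding in lint_dmarc_record("votresociete.example", record) or ["no findings"]:
            print("  -", finding)
```

Run against the p=none record above, the linter reports monitoring-only mode and, because dr.dmarc.fr is not the publishing domain, reminds you that the reporting domain must carry the authorization record; a p=reject record whose rua points at your own domain comes back clean.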
Once in block mode (quarantine or reject), you will benefit from all the advantages of DMARC, and soon also of BIMI, which requires an enforcing DMARC policy.
With so many people working remotely, it is more important than ever that email communications are kept safe and secure, with the help of DMARC experts.