How DMARC Contributes to Email Delivery and Engagement

In the State of Email Security, Mimecast reports that email “impersonation attacks increased almost 70 percent in comparison to the results in last year’s report – with 73 percent of those organizations impacted by impersonation attacks having experienced a direct loss, specifically loss of customers (28%), financial loss (29%) and data loss (40%). Phishing attacks were the most prominent type of cyberattack, with 94 percent of respondents having experienced phishing and spear phishing attacks in the previous 12 months, and…
John Bowers
26 July 2019
dmarcian Tools

RUA vs RUF

Once you’ve published DMARC records, DMARC data will typically begin to generate within a day or two in the form of reports that give you insight into the way your domains are handling email.  There are two forms of reports: RUA reports that provide a comprehensive view of all of a domain’s traffic, and RUF reports that are redacted copies of the individual emails that are not 100% compliant with DMARC.RUF data was originally intended to provide domain owners with…
Vaughn Talbert
25 June 2019
dmarcian Tools

Are your Google Calendar Invite Responses Blocked by DMARC?

We have previously discussed the issue of Google Calendar invites (and other Google Suite services) being broken from the perspective of a G Suite owner. But there is also an issue for receivers who interact with Google's email body invite links, as Google spoofs the invitee's domain to generate a notification. If the invitee’s domain is at p=reject, this can occasionally send back a bounce to the invitee, making it confusing for everyone.You may see Google as a source in…
Vaughn Talbert
25 June 2019
Industry News

The Importance of Sources in DMARC

A “source” is what we call any company that offers its clients the ability to send emails with their own domain. This translates to any infrastructure that’s capable of “sending emails on behalf of others.” Bearing this explanation in mind, we can identify several types of sources, the most notable are: ESPs - offer their clients the ability to send bulk (marketing and/or transactional) emails with their own domain ISPs - offer the ability to receive and send emails with…
Vaughn Talbert
23 May 2019

Understanding Shadow IT

For those who’ve been doing IT long enough to remember using a green display monitor also remember a time when everything was locked down and centralized. During the early 1980s, Local Area Networks became more popular and with them came decentralization, allowing other internal departments within an organization to take control of their IT requirements directly, and Shadow IT was born! “Shadow IT” is the use of IT-related hardware or software products within an organization without the knowledge of the…
Vaughn Talbert
23 May 2019

Why SPF is so funky in today’s modern world

SPF (Sender Policy Framework) has been around for a long time and enjoys a rich history reaching back to 1997, with the SPF Project itself starting in June 2003. (a timeline history of SPF can be found here). However, there are some challenges with SPF's feedback and it is often misunderstood. We take a look at these issues, and at the barriers that are keeping SPF from being better A notable issue with SPF is that the people deploying it have to…
Vaughn Talbert
21 March 2019