Microsoft's Office 365 platform supports DMARC (Domain-based Message Authentication, Reporting, and Conformance). This protocol prevents spammers from illegitimately using your domain and sending email with a "From" address that makes email appear to come from someone in your domain. The impact of spammers illegitimately using your domain to send spam or junk email negatively affects your domain quality and domain reputation. The complete Microsoft guide is listed here.The starting point is to review the SPF and DKIM settings as an…

SPF (Sender Policy Framework) has been around for a long time and enjoys a rich history reaching back to 1997, with the SPF Project itself starting in June 2003. (a timeline history of SPF can be found here). However, there are some challenges with SPF's feedback and it is often misunderstood. We take a look at these issues, and at the barriers that are keeping SPF from being better A notable issue with SPF is that the people deploying it have to…

Dec 14, 1997 Jim Miller sends Paul Vixie an email with his idea on verifying SMTP MAIL FROM address from means of outbound-smtp MX dns records. Note: This event and the date are not confirmed by public records and are based solely on information provided by Paul Vixie. Mar 27, 2000 – Public mention of the idea to create 'MS' (mail sender) DNS records Bill Cole mentions on usenet newsgroup dedicated to discussions of spam an idea to create 'MS' (Mail Sender) DNS records to…

To get to the tool, log in and navigate to the Domain Overview. Click on the SPF cell for a domain that has volume, and then click ‘Record Details’.  In the resulting view, select ‘View TMI’.  The reloaded view of the SPF record details integrates DMARC data to show you which of your SPF record entries are in active use for your domain(s), and in what way.  This can help you figure out which old entries in your record might…

Even though Google has long supported DMARC, a handful of Google applications are still not capable of sending DMARC compliant email using both SPF and DKIM. If you’re a Google Suite customer using your own domain, email that originates from Google’s apps (such as Google Docs, Google Sheets, and Google Slides) and calendar service will still use a domain that points back to Google, and not your own domain, preventing SPF from supplying DMARC compliance. If your DMARC policy was…