Technical Guidance

The Importance of Sources in DMARC

A “source” is what we call any company that offers its clients the ability to send emails with their own domain. This translates to any infrastructure that’s capable of “sending emails on behalf of others.” Bearing this explanation in mind, we can identify several types of sources, the most notable are: ESPs - offer their…
Vaughn Talbert
23 May 2019
Technical Guidance

Adding DMARC to Office 365

Microsoft's Office 365 platform supports DMARC (Domain-based Message Authentication, Reporting, and Conformance).  The complete Microsoft guide is listed here.The starting point is to review the SPF and DKIM settings. We would also recommend Microsoft's guide - Set up SPF in Office 365 to help prevent spoofing. How your SPF record is formatted depends on if whether…
Vaughn Talbert
21 March 2019
Webinars and Podcasts

Webinar: The Evolution of Phishing & How We Fight It

In 2017, the FBI estimated that losses due to business email compromise increased by 88% as compared to 2016. Yet many end users still associate phishing with the prototypical email from Nigeria. In this webinar, dmarcian founder Tim Draegen and GreatHorn CEO Kevin O’Brien will walk through the history of phishing attacks – from the…
Vaughn Talbert
17 October 2018
Ecosystem NewsTechnical Guidance

GDPR’s Impact on DMARC Data Collection

When the EU passed the General Data Protection Regulation (GDPR) it triggered a worldwide examination of different types of data, including the data found in DMARC Aggregate (RUA) and Failure (RUF) reports. A legal analysis from ECO, the German Internet Industry group, breaks down all aspects of DMARC data and the concerns involved related to…
dmarcian
24 September 2018
Worst Phish by country Ecosystem NewsInside dmarcianTechnical Guidance

Phishing leaves a DMARC trail

Earlier this year The Anti-Phishing Working Group (AWPG) and dmarcian had the opportunity to look for patterns across data sets to see if anything interesting emerged. We decided to cross reference the IP addresses from APWG’s phishing and malicious IP data sets contained in their eCrime Exchange (eCX) threat data sharing platform, against the addresses…
dmarcian
7 August 2018
Deployment

What to do About Non-DMARC Capable Email Sources

Non DMARC Capable Sources When deploying DMARC, you may occasionally encounter email vendors that do not support DMARC authentication on your outbound email.  While most email service providers have implemented and adopted DMARC as a best practice, some vendors have not caught up. To help users deal with Non-DMARC capable sources, dmarcian classifies these email…
dmarcian
19 February 2018
Ecosystem News

FTC Study Released Regarding DMARC

Press release from Federal Trade Commission, March 3rd 2017 "In a study released today, the Federal Trade Commission’s Office of Technology Research and Investigation (OTech) reports that most major online businesses are using proper email authentication technology to prevent phishing emails, but few of these businesses are taking full advantage of the latest technologies to…
dmarcian
3 March 2017
Ecosystem News

Expansion of DMARC is Now Critical

Press Release Reposted with Permission from The Global Cyber Alliance Expansion of DMARC Critical to Reducing Spread of Malicious Emails Global Cyber Alliance Calls on Leading Cyber Companies To Improve Email Protections SAN FRANCISCO, February 14, 2017 – There is a fix that can prevent a great amount of email-born attacks on consumers and businesses. Unfortunately,…
dmarcian
14 February 2017