Ecosystem News

Sub-domain Abuse Goes Mainstream

Last week, LinkedIn was the target of a massive, global cyber attack. The attack came in the form of phishing that looks almost exactly like real LinkedIn address confirmation emails. Only two things differed: (more…)
dmarcian
6 February 2017
Technical Guidance

What is “External Destination Verification”?

A domain's DMARC record can tell the world to send DMARC reports to a different domain. For example, the domain example.org might have a DMARC record of: v=DMARC1; p=none; rua=mailto:dmarc_reports@sample.net This DMARC record tells people to send reports regarding example.org to the email address of dmarc_reports@sample.net. Before reports are sent, sample.net must tell the world…
dmarcian
23 June 2016
DeploymentTechnical Guidance

Policy Modes: Quarantine vs Reject

Domain owners can publish policies that will be applied to email that is not compliant with DMARC: p=none is used to collect feedback and gain visibility into email streams without impacting existing flows. It’s a crucial first step. p=quarantine allows email receivers to treat email that fails the DMARC check as suspicious and files them…
dmarcian
19 December 2015
DeploymentTechnical Guidance

How to deploy DMARC for inbound processing

As DMARC adoption increases, more people are looking at using DMARC to filter their own email. We’ve put together this article to outline how to do “DMARC inbound.” Email is vast and DMARC is still being adopted. When you start filtering inbound email using DMARC, you’ll discover two important insights: Email comes in from all…
dmarcian
17 December 2015