Preventing email spoofing with a DMARC check
The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol offers an effective defense against domain spoofing – where an attacker forges your email to launch phishing campaigns or business email compromise attacks. As an email validation system, DMARC can help to identify anyone using your domain without authorization and block delivery of unauthenticated email by implementing a DMARC reject policy.
DMARC builds on the widely used SPF and DKIM authentication techniques, providing reports that offer detailed information about who is sending email using your domains. When an email fails SPF and DKIM authentication, email receivers can perform a DMARC check to determine whether the message should be accepted, blocked or quarantined. DMARC also provides reports that help senders understand which messages are not authenticating and the reason why.
Performing a DMARC test is a start to improving email security, but implementing DMARC policies – and getting them right – can be difficult and time-consuming, potentially limiting the adoption of the DMARC system and reducing its effectiveness. That's where Mimecast can help.
Mimecast DMARC analyzer
Mimecast DMARC Analyzer helps organizations implement DMARC checks and reject policies as quickly as possible. DMARC Analyzer offers simple and effective self-service tools that enable security teams to reduce the time, cost and effort of defending against domain spoofing attacks with DMARC checks. Unlike many other DMARC solutions, Mimecast DMARC analyzer can be implemented without the need for professional services.
Mimecast DMARC analyzer enables you to:
- Manage complex DMARC deployment with an easy-to-use SaaS solution.
- Enjoy 360° visibility and governance across all email channels.
- Implement policies for DMARC checks on the gateway with self-service email intelligence tools.
- Receive alerts, reports and charts that help to monitor ongoing performance and ensure effective enforcement of DMARC checks.
Features of Mimecast's DMARC check technology
Key features of Mimecast DMARC analyzer include:
- User-friendly aggregate reports and charts that enable faster analysis and enforcement of DMARC check policy
- Unlimited number of users, domains and domain groups, ensuring full email security coverage
- Summary reports delivered daily and weekly enabling email security teams to track progress over time
- Two-factor authentication for enhanced security
- Fast and easy DNS updates with a DMARC record set-up wizard
- Forensic reports that enable email security teams to track down malicious email sources
- Tools to check DNS changes over time and to receive proactive email prompts when a record changes
- Options for configuring DMARC in Office 365
- A managed service option that helps to minimize risk and to ensure DMARC enforcement in the fastest time possible
Additional solutions for a multilayered defense
While Mimecast DMARC Analyzer can help senders simplify DMARC deployment and improve DMARC check reporting, Mimecast Secure Email Gateway with Targeted Threat Protection provides additional defenses to detect and stop business email compromise and impersonation attacks.
Mimecast's email security services use multiple detection engines and threat intelligence feeds to stop spear-phishing, malware, spam and zero-day attacks at the email gateway. Mimecast's email security offerings also include a suite of technologies that help to defend against a broad range of threats.
- Impersonation Protect offers instant and comprehensive detection of social engineering-based email attacks, helping brands to defend against attacks that impersonate their name and reputation in email messages.
- URL Protect defends employees from malicious URLs, scanning every link on every click to block access to malicious or suspicious sites.
- Attachment Protect uses static file analysis, safe file conversion and behavioral sandboxing to protect against potentially malicious attachments.
- Internal Email Protect detects and remediates email-borne security threats that originate from within an organization's email system, preventing attacks from spreading rapidly and silently between employees and to customers and partners.
FAQs: What is a DMARC check?
What is DMARC?
DMARC – or Domain-based Message Authentication, Reporting and Conformance – is a protocol for email authentication, policy and reporting. Designed to help prevent email impersonation, DMARC allows senders to let recipients know that messages are protected by Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) protocols and provides instructions for how to handle messages that don't pass either of these authentication methods.
What is a DMARC check?
DMARC enables receiving mail servers to check for alignment between the domain names in the "header from" and the "envelope from" information in an email using SPF authentication, and between the "header from" domain name and the "d= domain name" in the DKIM signature. If a message fails both SPF and DKIM authentication and alignment, a receiving mail server can perform a DMARC check of the sender's DMARC policy to determine whether the email message should be accepted, blocked or quarantined.
What is a DMARC record check?
In order to implement DMARC, organizations need a valid DMARC record. A DMARC record check is a tool that displays an organization's DMARC record while testing and verifying it to determine whether it's valid. Mimecast offers a free DMARC record check service that will test and parse a DMARC record and display it along with additional information.
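The record check and the alignment check described in the two answers above can be sketched as follows. This is an added example, not Mimecast's code; the function names and sample domains are hypothetical, and the organizational-domain lookup is simplified to the last two labels where a real receiver would use the Public Suffix List. The `sp=` and `pct=` tags are not handled.

```python
# Added illustration of a DMARC record check and alignment check (RFC 7489).
# All names here are hypothetical; sample domains are constructed.

VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc_record(txt):
    """Parse a DMARC TXT record into a tag dict; raise ValueError if invalid."""
    tags = []
    for pair in (p.strip() for p in txt.split(";")):
        if not pair:
            continue  # tolerate a trailing semicolon
        if "=" not in pair:
            raise ValueError(f"malformed tag: {pair!r}")
        key, value = pair.split("=", 1)
        tags.append((key.strip().lower(), value.strip()))
    # v=DMARC1 must be the first tag, and p= must carry a known policy.
    if not tags or tags[0] != ("v", "DMARC1"):
        raise ValueError("record must start with v=DMARC1")
    record = dict(tags)
    if record.get("p", "").lower() not in VALID_POLICIES:
        raise ValueError("missing or invalid p= policy")
    record["p"] = record["p"].lower()
    return record

def org_domain(domain):
    # Assumption: last two labels. Production code needs the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(header_from, auth_domain, mode):
    """mode 's' = strict (exact match); 'r' = relaxed (same organizational domain)."""
    if mode == "s":
        return header_from.lower() == auth_domain.lower()
    return org_domain(header_from) == org_domain(auth_domain)

def dmarc_disposition(record, header_from, spf_pass, envelope_from, dkim_pass, dkim_d):
    """Return 'pass', or the policy action if neither SPF nor DKIM passes aligned."""
    spf_ok = spf_pass and aligned(header_from, envelope_from, record.get("aspf", "r"))
    dkim_ok = dkim_pass and aligned(header_from, dkim_d, record.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else record["p"]

if __name__ == "__main__":
    rec = parse_dmarc_record("v=DMARC1; p=reject; adkim=s; rua=mailto:reports@example.com")
    # SPF passes, but for an unrelated envelope domain: not aligned, so rejected.
    print(dmarc_disposition(rec, "example.com", True, "bounce.attacker.test", False, ""))
    # SPF passes for a subdomain of the header-from domain: relaxed alignment holds.
    print(dmarc_disposition(rec, "example.com", True, "mail.example.com", False, ""))
```

The first case shows why alignment matters: SPF alone passes for the sending domain, yet the message still fails DMARC because that domain does not match the "header from" domain.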