While complying with the Domain-based Message Authentication Reporting and Conformance (DMARC) protocol can help to mitigate certain kinds of cyber threats, DMARC compliance alone is not enough to protect your organization from a broad range of email-borne threats.
What is DMARC? DMARC is a protocol for authenticating that an email sent from an organization's domain is a legitimate message and not fraudulent. The illegitimate use of an organization's domain is a common technique in impersonation attacks, where cyber criminals pose as a trusted source inside an organization and to trick recipients of the email into divulging sensitive information or transferring money to fraudulent accounts. DMARC compliance enables a sender to specify that their messages are protected by DKIM and/or SPF, and lets receivers know what to do if an email isn't in DMARC compliance. Ultimately, DMARC email security prevents anyone except for authorized senders to send an email using an organization's domain.
While DMARC compliance is highly effective at stopping an impersonation attack based on illegitimate use of an actual domain, it does nothing to address email spoofing that uses look-alike domains, display name spoofing, newly registered domains or reply-to mismatches. That's why, when seeking solutions that can help to prevent an email data breach, more organizations today look for multilayered defenses against email fraud.
To provide organizations with a wider set of tools for email security and information protection, Mimecast offers an all-in-one subscription service for email security, archiving and continuity. Mimecast's SaaS-based offering provides a multilayered approach to email security and a suite of solutions that help reduce the cost and complexity of managing business email.
Mimecast helps to ensure DMARC compliance through the Mimecast Secure Email Gateway. Combining threat intelligence and sophisticated protection engines, Secure Email Gateway performs DNS authentication to check on SPF, DKIM and DMARC compliance. Combined with Mimecast DMARC Analyzer, Mimecast provides visibility that helps to detect and block unauthorized use of an organization's domains to prevent spoofing and impersonation attacks.
In addition to helping organizations with DMARC compliance, Mimecast provides comprehensive defenses against other kinds of advanced threats with tools to protect against malicious URLs, weaponized attachments, social engineering and threats from malicious insiders. Additionally, Mimecast provides secure messaging services that enable employees to securely send sensitive information and large files up to 2 GB from their email inbox. Mimecast also offers tools for content control and data loss prevention that can help to identify and block potential leaks, both inadvertent and malicious.
Learn more about DMARC compliance with Mimecast.
What is DMARC compliance?
DMARC compliance refers to email that is sent in compliance with specifications of the Domain-based Message Authentication, Reporting and Conformance protocol. The DMARC protocol leverages two established authentication standards, Sender Policy Framework (SPF) and the DomainKeys Identified Mail (DKIM), to enable mail servers to determine whether an inbound message from a specific domain is legitimate or not.
DMARC essentially ensures that email is properly authenticating against DKIM and SPF standards, and enables sending organizations to post policies to their DNS record about how to handle messages that don’t authenticate. DMARC also enables receiving mail senders to send aggregate and forensic reports back to senders, providing greater visibility into what messages are not authenticating, and why.
How to achieve DMARC compliance?
DMARC compliance relies on compliance with SPF and DKIM protocols, which is achieved when a message authenticates and aligns. For SPF, this means that the reverse DNS of the sending IP must align with the domain of the visible “from” address. For DKIM, the DKIM signature must be from the same domain as the visible “from” address.
What are the benefits of DMARC compliance?
Improving DMARC compliance provide several advantages for organizations. By enabling receiving mail servers to determine whether inbound messages are legitimate or not, DMARC compliance helps to prevent illegitimate email from a sender’s domain from being involved in cyberattacks. Because DMARC enables reporting on which messages authenticate and why, DMARC compliance also helps to provide greater visibility into who is sending email using an organization’s email domain.
Why is DMARC compliance important?
Email continues to be a primary vector for cyberattacks, with phishing attacks accounting for approximate 90% of data breaches. DMARC compliance helps organizations to prevent attackers from their domains to launch a domain spoofing attack to target other companies or individuals.
Does DMARC compliance prevent spoofing?
DMARC compliance can help to prevent direct domain spoofing, where attackers use the exact domain of a company when sending an illegitimate message. However, DMARC compliance is unable to prevent attacks that use other forms of spoofing, including: