Mimecast DMARC Analyzer offers an improvement on the Sender Policy Framework protocol as well as the DKIM protocol by preventing spoofing.
Sender Policy Framework (SPF) is an email authentication protocol that can be used to prevent spammers and attackers from sending messages that appear to come from a trusted domain. Using the SPF email protocol, an organization can publish a list of authorized mail servers in an SPF record that appears in its DNS record. Receiving mail servers can perform an SPF test on every inbound email, checking to see if the IP address from which the email is sent matches an IP address in the domain's Sender Policy Framework record.
While the Sender Policy Framework offers a certain amount of protection against spam and spoofing, it is not a complete email security solution. A forwarded email will evade an SPF test, and the SPF protocol can't spot email that spoofs only the "from" address – the email address that's visible to users. Additionally, for Sender Policy Framework to work, organizations must keep their SPF records constantly updated – a time-consuming and cumbersome task that gets harder as companies change ISP providers.
DMARC, or Domain-based Message Authentication, Reporting & Conformance, offers an improvement on the Sender Policy Framework protocol as well as the DKIM protocol. DMARC prevents spoofing more successfully by requiring that the information in the "from" address align with other information about the sender, and it requires that a message is authenticated with either SPF, DKIM or both. DMARC also improves reporting and provides detail on how messages that fail authentication should be handled.
In the past, implementing DMARC authentication has been a challenge. The protocol can be difficult to deploy and hard to manage, requiring a significant investment of time and resources. To solve this challenge, Mimecast offers Mimecast DMARC Analyzer, an easy-to-use solution for streamlining DMARC implementation and management.
As a 100% SaaS solution, Mimecast DMARC Analyzer helps reduce the time and complexity of enforcing a DMARC policy. DMARC Analyzer acts as an expert guide, helping organizations move toward DMARC authentication quickly and cost-efficiently.
DMARC Analyzer provides self-service tools that enable email administrators to:
Key features of DMARC Analyzer include:
In addition to DMARC Analyzer, Mimecast email security solutions include:
Mimecast also offers a Web Security service that adds monitoring and security at the DNS layer to prevent malicious web activity and DNS spoofing and to block access to business-inappropriate websites.
Sender Policy Framework (SPF) is an email authentication method that helps to identify the mail servers that are allowed to send email for a given domain. By using SPF, ISPs can identify email from spoofers, scammers and phishers as they try to send malicious email from a domain that belongs to a company or brand.
An SPF record is a line of text that is stored in the DNS of a domain and specifies which IP addresses are approved for sending email for the domain. When a mail server receives an email, it can check to see if the IP address in the email's header matches the IP address in the SPF record. If the addresses do not match, the message will fail SPF authentication.
An SPF record check, or SPF validator, is a tool for determining whether an SPF record is valid. An SPF record checker looks up the record for a queried domain, displays any records found and tests the record to find any issues that could create problems for mail delivery.