Mimecast provides an effective solution that reduces the time, effort and costs to deploy DMARC to better protect against threats.
The Sender Policy Framework (SPF) is an email authentication technique that is used to prevent spammers and cyber criminals from sending messages on behalf of your domain name. SPF enables domain owners to publish an SPF record in the DNS that specifies which mail servers or IP addresses they use to send email. During SPF email authentication, a receiving mail server performs an SPF check to verify that the domain in the "envelope from" address in the email header matches a valid IP address in the SPF record. If the addresses don't match, the email fails the SPF test and the email can be rejected by the email receiver.
An SPF check has limitations, however. It doesn't work when messages are forwarded, and it does nothing to protect against attacks spoofing only the "header from" address (the address that's visible to users). Keeping SPF records updated as organizations change service providers and add mail streams can be difficult.
The email validation system DMARC (Domain-based Message Authentication, Reporting & Conformance) builds on the SPF check protocol (as well as the DKIM signature protocol) to provide a more powerful defense against email spoofing. DMARC augments the SPF check process by letting receiving mail servers know whether a domain is protected by SPF and/or DKIM and provides instructions on how to treat messages that don't pass either of these authentication protocols.
While DMARC can help protect against email spoofing more effectively, it can be difficult and time-consuming to deploy without the right tools. For organizations that want to bolster their email security with DMARC authentication, Mimecast provides a simple and effective solution that reduces the time, effort and costs to deploy DMARC.
Mimecast DMARC Analyzer enables companies to deploy DMARC quickly and easily. As a 100% SaaS-based solution, DMARC Analyzer significantly reduces the time and complexity of a DMARC deployment project and provides tools to streamline the ongoing management of DMARC enforcement.
With DMARC Analyzer, you can:
DMARC Analyzer acts as an expert guide to move towards a reject policy as fast as possible. Features of DMARC Analyzer include:
Mimecast provides additional, comprehensive solutions for protecting email in Mimecast Email Security with Targeted Threat Protection. This set of cloud services is designed to provide next-generation protection against advanced email-borne threats like malware, impersonation attacks, malicious URLs and internally generated threats.
SPF, or Sender Policy Framework, is an email authentication protocol that lets the owner of a domain provide information in a DNS record about which IP addresses the domain uses to send email.
When an email message is sent, the receiving mail server can perform an SPF check to verify that the IP in the "envelope from" address in the message's header matches the IP addresses listed in the domain's SPF record in the DNS. If the SPF check is successful, the message is sent onto the recipient. If the SPF check fails, that information can help the receiving mail server to determine whether the message should be delivered in the inbox, sent to the spam folder or needs to be blocked.
An SPF record check is a diagnostic tool that can look up and validate an SPF record. An SPF record check can highlight any errors within the record that might affect successful delivery of email messages. Mimecast offers a free SPF record check along with free checks of DKIM records and DMARC records.