BLOG

DMARC makes it a year

Yesterday DMARC.org announced that in a year DMARC protects over 60 million mailboxes worldwide.

DMARC, which stands for Domain-based Message Authentication, Reporting & Conformance, builds on previous email authentication advancements, SPF and DKIM, with strong protection of the author’s address (From field) and creating a feedback loop from receivers back to legitimate email senders. This makes impersonation of the author’s address difficult for phishers who are trying to send fraudulent email. Brands can use DMARC to easily notify email providers how to recognize and manage fraudulent mail, while also providing a means by which the receiver can report on fraudulent messages to the owner of the spoofed domain. Messages that pass DMARC validation will continue to be evaluated by the mailbox provider to determine ultimate placement of the message according to its spam-detection filters.

 DMARC is a framework that allows senders to specify authorized sources of mail and tell recipient ISPs what to do with mail if the authentication fails. It also creates a feedback mechanism so receivers can tell senders when authentication fails.

Comment:

Your email address will not be published. Required fields are marked *

  • HE.net DNS problems

    Hurricane Electric had a significant outage of their authoritative DNS servers this morning, causing them to return valid responses with no results for all(?) queries. This will have caused delivery problems for any mail going to domains using HE.net DNS - which will include some of their colocation customers, as well as users of their free services - but also will have caused reverse DNS to fail for most servers hosted by Hurricane Electric worldwide, so if any of your mail is being sent from HE hosted machines you may have seen problems. (We're HE customers so we noticed. Still happy with them as a vendor.)No Comments


  • 65.0.0.0/8 DNS issues

    If you're sending email from any address beginning with a 65 - in 65.0.0.0/8 - it's possible you'll see some delivery problems. Something appears to be broken with dnssec signatures for the reverse DNS zone, leading queries for reverse DNS to fail for anyone using a dnssec aware DNS resolver (which is almost everyone).1 Comment


  • Our green bar certificate is going away

    Later today we'll be switching from an Extended Validation ("green bar") SSL certificate to a Domain Validation certificate. This isn't exactly a planned change but I'm waiting for responses from Comodo before I go into it too much. I'll share some more details next week.3 Comments


Archives