The ability to easily identify a legit email message is changing the industry for the better.
Since 2012, dmarcian has been helping organizations of every size across the globe to deploy DMARC.
What Are The Drone Anti-jamming Systems Technology?
Protect your domain with DMARC
1. Master version 0.0.2
DMARC
Domain-based Message
Authentication Reporting & Conformance
Martijn Groeneweg General Manager Europe, dmarcian
Wesley Rietveld Sales Director Europe, dmarcian
Marco Franceschetti, Head of Deliverability, Contactlab
11. • Started in 2012
• dmarcian is the leading “Full Service” provider of
DMARC Services
• dmarcian has a regionalized European operations that
meets European data requirements
• dmarcian offers
– Web based tooling
– Deployment support
– Support packages
Who we are
12. • Customers
– Banks, top internet properties, marketing agencies, telecoms
and commercial enterprises of all sizes
– More than 19.000 companies and organizations
– More than 2.000.000 domains
• About 25 people
– CEO and founder Tim Draegen is primary author of DMARC
spec and currently one of the chairs of the IETF DMARC
working group
– Scott Kitterman is one of the primary authors of SPF
Who we are
17. “95% of all attacks on enterprise networks are the results from
successful spear phishing”
Allen Paller, Director of Research - SANS Institute
“The FBI reports a $2.3 Billion Loss to Spear Phishing
and CEO Email Scams from Oct 2013 to Aug 2016.
Since January 2015, the FBI has seen a 270% increase
in Cybersecurity attacks.”
fbi.gov
Why DMARC?
22. Why DMARC
• Delivery
Use the same modern plumbing that mega
companies use to deliver email.
• Security
Disallow unauthorized use of your email domain to
protect people from spam, fraud, and phishing.
• Visibility
Gain visibility into who and what across the
Internet is sending email using your email domain.
• Identity
Make your email easy to identify across the huge
and growing footprint of DMARC-capable receivers.
24. • DNS entry (TXT record _dmarc.example.com)
• Builds on existing email authentication technology
(SPF and DKIM)
• Provides feedback data to Domain Owners
• Allows for blocking of unauthorized email
How DMARC works
25. DMARC Policy
1. p=none
Monitoring, no impact on mailflows
2. p=quarantine
Deliver to spam folder
3. p=reject
Block email that fails the DMARC check
26. Return-Path: <foe@SAMPLE.net>
Delivered-To: friend@example.org
Authentication-Results: mail.example.org; spf=pass (example.org: domain
of foe@sample.net designates 1.2.3.4 as permitted sender)
smtp.mail=foe@sample.net; dkim=pass header.i=@sample.net
Received: from ..
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=SAMPLE.net;
s=february_2014; i=@sample.net; q=dns/txt; h= .. ; bh= .. ; b= ..
Date: Wed, 19 Feb 2014 12:39:06 -0500
From: “Fred“ <foe@CLIENT.net>
To: “Frank Riend” <friend@example.org>
Subject: REMINDER – don’t mess this up, Frank!
Hi, please don’t forget about the meeting. It’s very important!
Your friend,
Fred
DMARC on From domain
DKIM: d= domain
SPF on Envelope domain = Mail From = Return Path
misalignment
DMARC
To tie it all together. For a piece of email to be considered compliant with DMARC, the domain found in an email’s
From: header must match either the SPF-validated domain or the originating domain found in a valid DKIM signature.
If the domains match, receivers can safely assert that the email did come from the domain that it purports to come
from. This is how easy-to-identify email is made possible.
FAIL
27. Return-Path: <foe@CLIENT.net>
Delivered-To: friend@example.org
Authentication-Results: mail.example.org; spf=pass (example.org: domain
of foe@sample.net designates 1.2.3.4 as permitted sender)
smtp.mail=foe@sample.net; dkim=pass header.i=@sample.net
Received: from ..
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=CLIENT.net;
s=february_2014; i=@sample.net; q=dns/txt; h= .. ; bh= .. ; b= ..
Date: Wed, 19 Feb 2014 12:39:06 -0500
From: “Fred“ <foe@CLIENT.net>
To: “Frank Riend” <friend@example.org>
Subject: REMINDER – don’t mess this up, Frank!
Hi, please don’t forget about the meeting. It’s very important!
Your friend,
Fred
DMARC on From domain
DKIM: d= domain
SPF on Envelope domain = Mail From = Return Path
alignment
DMARC
To tie it all together. For a piece of email to be considered compliant with DMARC, the domain found in an email’s
From: header must match either the SPF-validated domain or the originating domain found in a valid DKIM signature.
If the domains match, receivers can safely assert that the email did come from the domain that it purports to come
from. This is how easy-to-identify email is made possible.
PASS on SPF & DKIM
47. PostNL DMARC ROI
•Reduced customer support
90.000 euro per year
•Reduced cost of domain
registrations
20.000 euro per year
•Break even period
2 years (looking at direct cost only)
50. Thank you!
Marco Franceschetti
Head of Deliverability
marco.fraceschetti@contactlab.com
Wesley Rietveld
Sales Director Europe, dmarcian
wesley@dmarcian.com
Martijn Groeneweg
General Manager Europe, dmarcian
martijn@dmarcian.com