DMARC Compass™ is a comprehensive tool that provides clear visibility into your e-mail delivery environment.
Email is a mission-critical channel for most companies, but it has also become a major source of distrust. Most major attacks still use email as a launching pad, and users are taught to be wary of incoming messages. This lack of trust affects your ability to communicate, market and sell effectively via email.
DMARC (Domain-based Message Authentication, Reporting and Conformance) stands to change all that by providing visibility into email flows, telling email receivers to delete spoofed messages, and ensuring that only legitimate emails are delivered to inboxes from protected domains.
In this presentation, we will cover:
- The importance of building trust in your email communications
- How to shine a light on all your email servers using the DMARC rails
- The best way to consolidate, visualize and make sense of DMARC reporting data
Watch the replay here: http://www.easysol.net/resources-who-is-using-your-domain
Who is Using Your Domain for Phishing & Spam? A DMARC Overview
1. Who is using your domain for phishing & spam?
DMARC Compass™
Dan Ingevaldson
CTO
2. Email is a mission-critical communication channel for most
companies.
Over 205 billion emails are sent and received every day (112.5 billion business emails).¹
3. Email has also become an untrusted channel.
Thanks to spam and phishing scams, users are
taught to be wary of incoming messages.
2015 proportion of spam in email: 59.2%²
97% of people globally are unable
to correctly identify phishing
emails³
4. This lack of trust impacts a company’s ability to
effectively communicate, market, and sell to
customers via email.
In 2014, email ROI reached 2,500%.⁴
6. DMARC
• Provides visibility into email flows
• Tells receiving servers to delete spoofed messages immediately
upon receipt
• Ensures only legitimate emails are delivered to inboxes
7. Getting started with DMARC
is easy. Any email sender and
receiver can use the DMARC
rails provided by the global
community.
8. Free use of the rails provides access to the critical, raw
reporting data that helps you see who is sending email
and who is spoofing your brand.
10. Monitor
A domain owner can begin using DMARC in "monitor mode" to
collect data from participating receivers.
11. Quarantine
As the data shows that their legitimate traffic is passing authentication
checks, they can change their policy to request that failing messages
be quarantined.
12. Reject
As they grow confident that no
legitimate messages are being
incorrectly quarantined, they can
move to a "reject" policy.
13. It is impossible for spoofed email to be delivered
to DMARC-protected email servers.
14. Does it work?
“DMARC protects more than 85% of the people who receive and send e-mail from Facebook”
Michael Adkins, Facebook
“Implementing DMARC stopped nearly 25 million attempted attacks on our customers during the 2013 holiday season alone”
Trent Adams, PayPal / eBay, Chair of DMARC.org
15. The DMARC Standard
DMARC is an IETF Draft Specification that allows email receivers to determine if
an email is authentic and what to do if it is not
16. DMARC Compass™ is a comprehensive tool that provides clear visibility into your e-mail delivery environment
17. What is needed for Complete Visibility?
Putting DMARC into Context
[Chart: "% of Incidents from DMARC?" <20%. Labels: Hacked Sites, Social Media, Fraudulent Domains, DMARC, Malware/Mobile Apps, Non-spoofed Phish, Active Monitoring]
DMARC on its own is not a complete fraud strategy – but anything that provides some visibility is a win.
Make sure that you have other layers in place to protect against these other threats.
20. Differentiators
• Initiate server takedowns backed by 24/7/365 Security Operations Center
• Full RESTful API to leverage Compass data elsewhere in your stack
• Customized reporting for analytics
• Shares intelligence with the rest of our products
21. Deployment
• Determine your server policies through Compass Explorer
• Deploy DNS TXT record
• Monitor results in Compass portal
• Authorize, deauthorize servers as they are identified
• Migrate DNS policies for stricter e-mail handling
A domain owner who has deployed email authentication can begin using DMARC in "monitor mode" to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a "reject" policy.
DMARC – Domain-based Message Authentication, Reporting and Conformance.
IETF – Internet Engineering Task Force.
SPF – Sender Policy Framework. SPF records allow domain owners to publish a list of IP addresses or subnets that are authorized to send email on their behalf.
DKIM – DomainKeys Identified Mail. DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.
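An added example (not from the presentation or from DMARC Compass) of the monitor, quarantine, reject progression described in the deployment notes above: it reads a DMARC aggregate report, counts passes and failures per sending IP, and proposes the next `_dmarc` TXT record only when every authorized sender passes. The report, IP addresses, `rua` mailbox and function names are constructed for illustration, and the report is assumed to carry no XML namespace.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample aggregate report (RFC 7489 layout); every value is made up.
SAMPLE_REPORT = """<feedback>
  <policy_published><domain>example.com</domain><p>none</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
    <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>192.0.2.25</source_ip><count>40</count>
    <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.77</source_ip><count>15</count>
    <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""

NEXT_POLICY = {"none": "quarantine", "quarantine": "reject", "reject": "reject"}

def summarize(report_xml):
    """Return (domain, published policy, {source_ip: [pass_count, fail_count]})."""
    # Reports come from third parties: parse real ones with a hardened parser (e.g. defusedxml).
    root = ET.fromstring(report_xml)
    domain = root.findtext("policy_published/domain").strip()
    policy = root.findtext("policy_published/p", default="none").strip()
    per_ip = defaultdict(lambda: [0, 0])
    for row in root.iterfind("record/row"):
        ip = row.findtext("source_ip").strip()
        count = int(row.findtext("count"))
        ev = row.find("policy_evaluated")
        # DMARC passes when either the aligned DKIM or the aligned SPF result passes.
        passed = "pass" in (ev.findtext("dkim"), ev.findtext("spf"))
        per_ip[ip][0 if passed else 1] += count
    return domain, policy, dict(per_ip)

def recommend(report_xml, authorized_ips, rua="dmarc-reports@example.com"):
    """Propose the next policy; stay put while any authorized sender still fails."""
    domain, policy, per_ip = summarize(report_xml)
    # Authorized senders that fail must be fixed (SPF/DKIM) before tightening.
    broken = sorted(ip for ip in authorized_ips if per_ip.get(ip, [0, 0])[1] > 0)
    # Failing sources not in the inventory: spoofing, or senders not yet identified.
    unknown = sorted(ip for ip, (_, f) in per_ip.items() if f and ip not in authorized_ips)
    nxt = policy if broken else NEXT_POLICY.get(policy, policy)
    return {
        "current": policy, "next": nxt, "fix_first": broken, "unknown_failing": unknown,
        "txt_name": f"_dmarc.{domain}",
        "txt_value": f"v=DMARC1; p={nxt}; rua=mailto:{rua}",
    }
```
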