So, what’s your excuse?
OK, I guess I should have explained the importance of DMARC before asking you about excuses. I’m quirky that way. Before everyone offers explanations about being too busy with work, kids and school, let’s cover the DMARC basics.
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It’s a DNS (Domain Name System) text record that uses SPF and DKIM DNS records to authenticate email and reject email that doesn’t pass that same authentication. When the DMARC, SPF and DKIM records are in place, mail not coming from authorized servers will be deleted prior to entering most of the major ISPs around the world.
As an example, let’s look at ABC Company and the use of the ABCcompany.com domain. Because ABC doesn’t have DMARC in place, which provides a feedback loop that alerts senders about email abuse, it’s unaware its customers are getting phished for passwords. That’s bad – but it can get worse.
Because there’s no DMARC record, it’s possible that ABC Company’s own employees can be phished for access into the corporate network. Links within the mailings can lead to websites that install malware that infects PCs and laptops. And if recipients can’t trust the mailings they are getting, they’ll be less likely to open a legitimate message.
It doesn’t have to be this way. The folks over at ABC just need to get a working SPF and DKIM record in place. Next they add the DMARC record and monitor the results. Once everything is buttoned up, they should set the DMARC record to reject any questionable emails.
So what about you? Do you have DMARC in place, or does the ABC Company scenario outlined above sound uncomfortably familiar? If it’s the latter and you’ve been feeling too busy to take the necessary steps, consider the benefits: getting DMARC in place means you’ll be sending authenticated email and protecting the integrity of your brand while improving your deliverability.
Wait … what was that last part? That’s right, Gmail mentions on its “Bulk Senders” page that using DMARC aids in the authentication aspect that Gmail and every ISP wants as they look to limit the spam going into the networks.
So, contact your ESP, your IT department and your Web hosting team to get your SPF, DKIM and DMARC records in place. Monitor what’s going on. See if there’s an issue. Your brand reputation and email deliverability might depend on getting those records in place.
1) DMARC website: http://dmarc.org/
2) Blog: “Use DMARC to Safeguard Your Brand (While Helping Fight Spam Too)”
3) Blog: “Email Authentication: How SPF, DKIM and DMARC Separate the Wannabes from the Real Stuff”