DMARC helps defend against malicious email attacks.

The problem: fake sender addresses

Phishing (e.g. CEO fraud) and spoofing emails are often disguised with internal sender addresses. Email attackers simply forge the sender header and the email appears to come from a colleague. The email attacker exploits the false trust to obtain funds or confidential information. Many companies have suffered major damage from such attacks in the past.

Filtering spoofing in general is not possible, since there are numerous and sometimes well-known services on the Internet that use such header spoofing for other reasons. Therefore, filter rules must be defined separately for each domain.

The solution: Deploy DMARC

DMARC (Domain-based Message Authentication Reporting and Conformance) offers an advanced method of email authentication for exactly such cases. SecuMail^® therefore generally recommends using DMARC.

To do this, simply set a DMARC record in the DNS of the sender domain (your domain). It simply defines that mail headers must also follow the SPF guidelines. DMARC therefore only works together with an SPF record and, if necessary, a DKIM signature. The former determines from which servers your mail domain may be sent. In this way, counterfeiting senders can be locked out. DKIM also signs headers.

How do you create a DMARC record?
LEARN MORE→

How do you set an SPF record?
LEARN MORE→

Details on DKIM, DMARC, and SPF
LEARN MORE→

If you have any questions or other concerns about e-mail security, we will of course be happy to assist you. Contact us by e-mail at support@secumail.de or by phone at +49 (0) 8171-246920!