Protect your domain’s reputation with DMARC

Cyber criminals are known to impersonate well known brands and use the brand’s trusted reputation to send emails to recipients and orchestrate an imposture.  The victims end up giving away sensitive information like credit card pins, passwords, or even end up making payments to the imposters.

Domain-based Message Authentication, Reporting & Conformance i.e. DMARC protects your organization against such email threats.

Therefore, for an organization who sends emails to its customers, DMARC ensures that legitimate email is authenticated and the sender’s identity is verified by the recipients’ email service provider. Fraudulent emails appearing to come from domains under the organization’s control is blocked. The organization can even include domains that do not send mails or even defensively registered domains in its DMARC policy.

Inbound emails that fail DMARC authentication do not reach the recipient’s Inbox, thus filtering out phishing mails. So, if you get an email from the Income Tax department with a “From” address having intimations@cpc.gov.in, did cpc.gov.in really authorize that message?

DMARC builds on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

Two key values of DMARC are domain alignment and reporting.

Phishing emails generally abuse the visible “From” header of emails by forging it. DMARC’s alignment feature prevents spoofing of the “From” header address by:

  1. Matching the “From” header domain name with the “envelope from” domain name (also know as the “return-path” address ) used during an SPF check, and
  2. Matching the “From” header domain name with the “d= domain name” in the email’s DKIM signature.

DMARC allows responsible organizations to instruct email providers who receive emails from the domains that they own, on how to handle unauthenticated emails via a DMARC policy, removing any guesswork on how to deal with messages that fail DMARC authentication.

What sets DMARC apart from other email authentication protocols is its reporting function. With DMARC, you can see who is sending email on behalf of your domain, your brand, and prevent spammers from using it to send fraudulent email.

The reporting feature of DMARC means that DMARC enabled receivers will tell you:

  1. How many messages they’ve received using your domains in the From: address
  2. Where these messages came from
  3. Whether these messages passed DKIM and SPF checks.

For Inbox providers, it is easier to determine that messages are not bad. Such emails are more likely to get delivered to the recipient’s mail quickly and without mistakes. Thus setting up a DMARC policy and choosing a right service provider to send your emails only helps in strengthening your brand’s reputation. 

Rediffmail Enterprise helps you defend your domains reputation by implementing DMARC for your organization’s domain names. The Rediffmail Enterprise Email Security team hand holds you through the entire life cycle of implementing DMARC – studying your outbound email traffic pattern (including marketing mails sent through 3rd party email campaign tools), configuring SPF and DKIM records in your DNS for all your domains (including domains that do not send mails or even defensively registered domains), configuring the DMARC record in your DNS with the right policies from the “monitoring” to “blocking” modes. The DMARC dashboard integrated in your administrators tools gives you visibility of your outbound email traffic pattern which include graphical stats of the source of outbound traffic and details of phishing attempts done using your domain names.

Big Cyber Security Show & Awards – Mumbai, 2018

BIG Cyber Security Show & Awards organised by Trescon

This is the second edition of the cyber security show & awards, an event by Trescon on 20th September 2018 at The Leela Mumbai.

The show is designed for executives and industry experts from across business technology, in need of innovative technology & solutions to protect their company’s infrastructure & data from cyber attack.

Companies and organisations around the globe are facing different forms of cyber threats from many entities. To name some: Ransomware, Advanced Persistent Threats, and the leak of sensitive information are just the tip of the iceberg.

Protecting individual & company’s data would be the challenge many users in the industry are facing.

This provides a big opportunity for:

    1. Solution Providers – to talk about their latest challenges in such situation and how did they overcome this hurdle.
    2. Security Analysts / Industry Experts – to discuss the new trends in cyber attack and what can be done to safeguard their data
    3. Policies – Industry & government policies inline with new security standards.

The strategy for the event is very clear,

“To explore new innovations for a greater cyber security.”

As India is gearing to be the centre of latest technologies and innovation in IoT, BigData & more; It’s crucial for solution providers to be take the centre stage and voice their opinion on the current state & what needs to be done.

The cyber security market is expected to grow from US$ 4 billion in 2018 to US$ 5 billion by 2025

Rediffmail Enterprise is proud to be the PLATINUM PARTNER of the BIG Cyber Security Show & Awards 2018.

We have speakers who would be talking about the latest technology & solution inline with email security and general practices to protect your data.

  • Venki Nishtala, Chief Technology Officer, Rediff.com India Ltd
  • Amol Mujumdar, Sr. Director -Technology, Rediff.com India Ltd
  • Venkata Satish Guttula, Director – Security, Rediff.com India Ltd

For more information on the awards, please visit:  Big Cyber Security Show & Awards »