DMARC Email Authentication

We all get far too many emails claiming to be from a well known company but actually sent by scammers and spammers. Internet Service Providers trap a large percentage of these fake messages and delete them before they can reach their intended target, but a lot still get through to us.

What can be done?

There is a standard called DMARC used by many large organisations including Google, Facebook, Apple, Craigslist, Virgin Media, British Airways, Dropbox, Amazon and many more.

Implementing DMARC lets a company declare which servers may send its genuine emails, so any Internet Service Provider can filter out the messages that claim to come from that company but are fake.

Sending Out Emails

The sender sets up two pieces of machine readable information in advance:

  1. A document that describes how the emails will be sent (e.g. which servers will be used for the outgoing mail). This is called SPF (Sender Policy Framework).
  2. A proof of identity document called DKIM (DomainKeys Identified Mail).

Receiving Emails

The email service provider receiving the message looks up the SPF and DKIM entries published by the legitimate sender and compares the message's metadata against them. If the checks pass, the message is accepted; if there is a mismatch, the message is marked as fake. That can mean it is deleted, or it can mean it is delivered to the user's spam folder.
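As an added illustration of the receiving-side check just described (this is example code, not from the original post or any mail server), here is a minimal DMARC evaluation in Python. The DMARC record text and the SPF/DKIM results are constructed inline rather than fetched from DNS or message headers, and the organisational-domain logic is a deliberate simplification of what real receivers do.

```python
from dataclasses import dataclass


def parse_dmarc_record(txt: str) -> dict:
    """Parse a DMARC TXT record such as 'v=DMARC1; p=reject' into a tag dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def organizational_domain(domain: str) -> str:
    # Simplification (assumption): treat the last two labels as the organisational
    # domain. Real receivers consult the public suffix list instead.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """DMARC alignment: strict ('s') needs an exact match with the visible From:
    domain; relaxed ('r', the default) only needs the same organisational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return organizational_domain(from_domain) == organizational_domain(auth_domain)


@dataclass
class AuthResults:
    from_domain: str   # domain in the visible From: header (what the user sees)
    spf_result: str    # "pass"/"fail" from checking the sending server against SPF
    spf_domain: str    # domain the SPF check was done for (envelope sender)
    dkim_result: str   # "pass"/"fail" from verifying the DKIM signature
    dkim_domain: str   # d= tag of the DKIM signature (empty if unsigned)


def dmarc_disposition(record: dict, r: AuthResults) -> str:
    """Return 'accept', 'quarantine' (spam folder) or 'reject' (delete).

    DMARC passes when SPF *or* DKIM passes AND that identifier aligns with the
    From: domain; otherwise the sender's published policy (p=) decides."""
    spf_ok = r.spf_result == "pass" and aligned(r.from_domain, r.spf_domain, record.get("aspf", "r"))
    dkim_ok = r.dkim_result == "pass" and aligned(r.from_domain, r.dkim_domain, record.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "accept"
    policy = record.get("p", "none")  # p=none means monitor only: deliver anyway
    return {"reject": "reject", "quarantine": "quarantine"}.get(policy, "accept")
```

Note that a message can pass SPF for the scammer's own domain and still fail DMARC, because the SPF-checked domain does not align with the company name shown in the From: header.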

It does take effort to implement DMARC as a sender, but the more large companies adopt DMARC, and the more email service providers check incoming mail against it, the less rubbish will get through.

If you know anything more about this then let me know by email.

Fightback Ninja Signature
