DMARC leads to secure emails

We are easy pickings. Mail sent on your behalf through third-party providers mailing and certification services will appear as authenticated. Unfortunately spammers, email phishing, the dark side of the Internet, those disguised as your bank, and even as your government do the same.

The need of finding a way to make the world safer for email has taken the lead to secure emails by enforcing the new DMARC (Domain based message authentication Reporting&conformance). DMARC is helping email services like Yahoo, Gmail and Hotmail quickly to determine the legitimacy of incoming messages. DMarc has strongly reduced PayPal phishing (warning: technical link 🙂 ).

DMARC allows domain owners to publish policy statement in DNS telling receiver domains what to do with messages that do not authenticate. DMARC shuts down spoofed domain attacks. Forged emails appear to be from a legitimate email address though they are not; they are used to spreading spam and phishing scams. Taking into account that 99% of mails sent as above mentioned are considered as spoofed it has been resolved to discard, to reject all those emails having more than one header from, or having an additional header reply to.

So what if you are sending marketing campaigns? Well, that’s the point: if you are sending email campaigns though an email marketing service and you are using, for example a email address as the From header it will be probably not be delivered, since DMARC might have been already implemented.

Some of you may be thinking; “Oh, c’mon that only happens in the US, Spain is … different, you know “. Well, quite the opposite, or at least for the time being, we are not so different. Let’s show some statistics. According to top Alexa country traffic rank, Spain has already implemented DMARC in 50% of the more common Spanish domains, (Colombia has implemented 90%). In other words, those emails, certifications, and notifications based on spoofing and based on DMARC policy will not be received and the situation is set to get worse.

Fortunately for all of us, certification system is immune to this issue, because it is the user him/herself who sends the email, sends us a copy, and, never on your behalf , being a Telecom operator resends it, leaving no room for spam. This in-house system, entirely developed our technical team, has undoubtedly become the best one to send certified emails without the fear of being rejected.

Leave a Comment