Skip to content

DMARC

Secure your e‑mail system with DMARC

E‑mail is the main vec­tor of com­mu­ni­ca­tion in com­pa­nies. It is also the first vec­tor of cyber­at­tacks with dev­as­tat­ing con­se­quences for com­pa­nies and admin­is­tra­tions.

Sev­er­al pro­to­cols, such as SPF, DKIM, DMARC and BIMI can be effec­tive­ly deployed to secure your e‑mail sys­tem, par­tic­u­lar­ly against phish­ing.

DMARC - Nameshield

Inter­est­ed in DMARC?

CONTACT US

Why implement a DMARC policy?

  • To pre­vent spoof­ing of the domains used to send e‑mails and pro­tect parked domains, which are too often for­got­ten.
  • To improve e‑mails deliv­er­abil­i­ty: with e‑mail flows prop­er­ly orga­nized and authen­ti­cat­ed, your e‑mails will look more reli­able to the web­mails and anti-spam sys­tems.
  • To imple­ment BIMI, which allows the brand logo to be dis­played in the recip­i­ents’ mail­box­es.

Nameshield’s support adapted to your needs

  • Set up of the plat­form;
  • Assis­tance in pub­lish­ing a DMARC pol­i­cy on all of your domains;
  • SPF ver­i­fi­ca­tion (syn­tax valid­i­ty, IP list, dep­re­cat­ed or emp­ty val­ues, …);
  • Rec­om­men­da­tion of the best pos­si­ble email­ing strat­e­gy in terms of domain use in order to min­i­mize the risk of attack;
  • Analy­sis of your RUA reports and rec­om­men­da­tions to help you authen­ti­cate all your legit­i­mate email traf­fic with DKIM and SPF;
  • Assis­tance in the DMARC pol­i­cy upgrade until you reach 100% of emails in “p=reject”;
  • Track­ing of unusu­al behav­ior and phish­ing attempts.
CONTACT US

DMARC a simple solution to help administrators to proceed quickly

DMARC a simple solution to help administrators to proceed quickly

To be DMARC compliant:

  1. the Head­er From domain (domain vis­i­ble to the recip­i­ent) must be aligned with the SPF domain (enve­lope domain) and/or the DKIM domain
    (d=) ;
  2. the SPF and/or DKIM authen­ti­ca­tion must be valid (in addi­tion to the align­ment).

DMARC allows the owner of the sending domain to specify what action should be taken on the receiving side (webmail or anti-spam of the recipient) when they see non-compliant incoming emails.

There are 3 pos­si­ble poli­cies:

DMARC compliant
  • None -> the domain’s own­er leaves the choice to the recipient’s web­mail/an­ti-spam in case of DMARC non- com­pli­ance: emails can be accept­ed, put in the spam fold­er or reject­ed.
  • Quar­an­tine -> the domain’s own­er indi­cates to the recipient’s web­mail/an­ti-spam that emails that don’t com­ply with DMARC should be put in quar­an­tine when pos­si­ble, or in the spam fold­er.
  • Reject -> the domain’s own­er tells the recipient’s web­mail/an­ti-spam that emails that don’t com­ply with DMARC should be reject­ed (bounced).
Testimony of Marc Tournier, DSSI, for Eramet Group's DMARC compliance project

Testimonial:

Nameshield has been the ide­al part­ner to sup­port us in our DMARC com­pli­ance project, which aimed to secure email domains, pro­tect the ERAMET Group’s image and pre­vent phish­ing. With their team of experts and pre­cise tools, Nameshield helped us imple­ment the best prac­tices and con­trol all our Group’s emails flows. As a result, we have gained cred­i­bil­i­ty with our cus­tomers and part­ners, and reduced the num­ber of email fraud attempts, which we now mon­i­tor effec­tive­ly. A DMARC project is com­plex and requires a thor­ough and per­son­al­ized fol­low-up. Nameshield was able to pro­vide us with this qual­i­ty of ser­vice through­out the project.

Marc Tournier
Eram­et Group CISO

Contact us for more information

Our latest related news:

Les Nouvelles Exigences d’Authentification des E-mails par Google et Yahoo

New e‑mails authentication requirements from Google and Yahoo

Google and Yahoo recent­ly announced sig­nif­i­cant changes to their e‑mails authen­ti­ca­tion require­ments. The aim of these adjust­ments is to strength­en the secu­ri­ty of online com­mu­ni­ca­tions…

READ MORE