Skip to content

DMARC

DMARC - Nameshield

Why implement a DMARC policy?

  • To prevent spoofing of the domains used to send e-mails and protect parked domains, which are too often forgotten.
  • To improve e-mails deliverability: with e-mail flows properly organized and authenticated, your e-mails will look more reliable to the webmails and anti-spam systems.
  • To implement BIMI, which allows the brand logo to be displayed in the recipients’ mailboxes.

Nameshield’s support adapted to your needs

  • Set up of the platform;
  • Assistance in publishing a DMARC policy on all of your domains;
  • SPF verification (syntax validity, IP list, deprecated or empty values, …);
  • Recommendation of the best possible emailing strategy in terms of domain use in order to minimize the risk of attack;
  • Analysis of your RUA reports and recommendations to help you authenticate all your legitimate email traffic with DKIM and SPF;
  • Assistance in the DMARC policy upgrade until you reach 100% of emails in “p=reject”;
  • Tracking of unusual behavior and phishing attempts.

DMARC a simple solution to help administrators to proceed quickly

DMARC a simple solution to help administrators to proceed quickly

To be DMARC compliant:

  1. the Header From domain (domain visible to the recipient) must be aligned with the SPF domain (envelope domain) and/or the DKIM domain
    (d=) ;
  2. the SPF and/or DKIM authentication must be valid (in addition to the alignment).

DMARC allows the owner of the sending domain to specify what action should be taken on the receiving side (webmail or anti-spam of the recipient) when they see non-compliant incoming emails.

There are 3 possible policies:

DMARC compliant
  • None -> the domain’s owner leaves the choice to the recipient’s webmail/anti-spam in case of DMARC non- compliance: emails can be accepted, put in the spam folder or rejected.
  • Quarantine -> the domain’s owner indicates to the recipient’s webmail/anti-spam that emails that don’t comply with DMARC should be put in quarantine when possible, or in the spam folder.
  • Reject -> the domain’s owner tells the recipient’s webmail/anti-spam that emails that don’t comply with DMARC should be rejected (bounced).
Testimony of Marc Tournier, DSSI, for Eramet Group's DMARC compliance project

Testimonial:

Nameshield has been the ideal partner to support us in our DMARC compliance project, which aimed to secure email domains, protect the ERAMET Group’s image and prevent phishing. With their team of experts and precise tools, Nameshield helped us implement the best practices and control all our Group’s emails flows. As a result, we have gained credibility with our customers and partners, and reduced the number of email fraud attempts, which we now monitor effectively. A DMARC project is complex and requires a thorough and personalized follow-up. Nameshield was able to provide us with this quality of service throughout the project.

Marc Tournier
Eramet Group CISO

Contact us for more information

Our latest related news:

Les Nouvelles Exigences d’Authentification des E-mails par Google et Yahoo

New e-mails authentication requirements from Google and Yahoo

Google and Yahoo recently announced significant changes to their e-mails authentication requirements. The aim of these adjustments is to strengthen the security of online communications…