DMARC

Secure your e-mail system with DMARC

E-mail is the main vector of communication in companies. It is also the first vector of cyberattacks with devastating consequences for companies and administrations.

Several protocols, such as SPF, DKIM, DMARC and BIMI can be effectively deployed to secure your e-mail system, particularly against phishing.

Why implement a DMARC policy?

To prevent spoofing of the domains used to send e-mails and protect parked domains, which are too often forgotten.
To improve e-mails deliverability: with e-mail flows properly organized and authenticated, your e-mails will look more reliable to the webmails and anti-spam systems.
To implement BIMI, which allows the brand logo to be displayed in the recipients’ mailboxes.

Nameshield’s support adapted to your needs

Set up of the platform;
Assistance in publishing a DMARC policy on all of your domains;
SPF verification (syntax validity, IP list, deprecated or empty values, …);
Recommendation of the best possible emailing strategy in terms of domain use in order to minimize the risk of attack;
Analysis of your RUA reports and recommendations to help you authenticate all your legitimate email traffic with DKIM and SPF;
Assistance in the DMARC policy upgrade until you reach 100% of emails in “p=reject”;
Tracking of unusual behavior and phishing attempts.

DMARC a simple solution to help administrators to proceed quickly

To be DMARC compliant:

the Header From domain (domain visible to the recipient) must be aligned with the SPF domain (envelope domain) and/or the DKIM domain
(d=) ;
the SPF and/or DKIM authentication must be valid (in addition to the alignment).

DMARC allows the owner of the sending domain to specify what action should be taken on the receiving side (webmail or anti-spam of the recipient) when they see non-compliant incoming emails.

There are 3 possible policies:

None -> the domain’s owner leaves the choice to the recipient’s webmail/anti-spam in case of DMARC non- compliance: emails can be accepted, put in the spam folder or rejected.
Quarantine -> the domain’s owner indicates to the recipient’s webmail/anti-spam that emails that don’t comply with DMARC should be put in quarantine when possible, or in the spam folder.
Reject -> the domain’s owner tells the recipient’s webmail/anti-spam that emails that don’t comply with DMARC should be rejected (bounced).

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_25904574_15	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
visit	30 minutes	No description
visitor	1 year 24 days	No description available.