For any organization sending bulk email or high email volumes to Google and Yahoo accounts, there's one date you should have flagged on your calendar.
On February 1st, guidance indicates you'll need to pay attention if you are sending over 5000 emails a day into Google and Yahoo mailboxes.
On that day, any email domain sending more than 5000 emails on a daily basis will need to meet a minimum set of email authentication standards along with other controls in order for email to get delivered.
Those who don't meet those standards will see their emails rejected or bouncing back.
The standards that Google and Yahoo are asking you to meet in order to send email to their users are email authentication protocols, also known as being DMARC compliant.
So many organizations are not compliant or doing a bad job when it comes to email authentication, that it's easily allowing threat actors and scammers to spoof their domains to successfully send unwanted and malicious email to their victims, which can include employees, customers, and partners.
To be DMARC compliant means that you are publishing a DMARC policy via DNS records across all your organization's domains and that your sending sources are correctly authenticated and aligned.
DMARC passes or fails a message based on how closely the message From: header matches the sending domain specified by either SPF or DKIM. This is called alignment.
A DMARC policy allows a sender to indicate that their messages are authenticated with SPF and/or DKIM and tells a receiving mail gateway what to do if neither of those authentication methods passes - such as junk or reject the message.
DMARC removes guesswork from the receiver's handling of these failed messages, limiting or eliminating the user's exposure to potentially fraudulent and harmful messages.
DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation, enabling them to quickly see any instances of unauthorized usage of their domains.
While email authentication and becoming DMARC compliant might sound complex, once you understand the basic concepts it can be more straightforward, especially if you are using a DMARC implementation and reporting service like the domain protection from Cisco's SolutionsPlus partner Red Sift.
These types of tools make the entire process much simpler and with Red Sift OnDMARC, it also includes AI capabilities that help you get to your goal of being DMARC compliant much faster than other platforms.
This is a project that needs to be done carefully, for example if you forget to configure any of your authorized email senders then their email could be inadvertently blocked.
From a market viewpoint, this is great news because with Google and Yahoo enforcing these new requirements, more organizations will be forced to become DMARC compliant.
This will reduce spam and unwanted email by helping to defeat exact domain impersonation attacks.
For email receivers, this means that the email getting into their customer's mailboxes should be more trustworthy.
This won't eliminate all spoofing issues as you may still see scams being sent from domain typo squatting, which is where a solution like Cisco's Secure Email Threat Defense can provide additional protection.
The biggest benefit is for the email sender, as being DMARC compliant provides much better chances of your authenticated email successfully making it to the users you want it to get to.
Plus, with the DMARC reports coming back to your organization from receiving email servers, you can identify unauthorized domain usage much more quickly, so you can react appropriately.
This Cyber News was published on feedpress.me. Publication date: Tue, 09 Jan 2024 13:13:04 +0000