Trend Alert: DMARC is the New Black
Picture this: you are at NY fashion week and you’re watching the runway show for the upcoming Spring 2017 collection. Your favorite designers are there, and their runway styles are fresh, innovative, unique, and ready to wear. The show is effortless and fluid from beginning to end. However, little did you know that clothing and hair were pinned last minute, someone’s shoe broke and had to be repaired, and makeup was smudged and had to be reapplied. In order to truly appreciate the work that was done, it is important to recognize the effort put in behind the scenes to create a successful show.
With that said, your emails may have content that is fresh, well-written, and pleasing to the eye, but what about everything happening behind the scenes? Is your visual “from” domain authenticated with SPF and DKIM? Have you put restrictions on who can send mail using your domain? Well, if you haven’t, larger mailbox providers have, such as AOL, Gmail, and Yahoo with others on the way. So, if you’re attempting to use any of these domains as your “from” address, Informz will not allow you to send the email due to their DMARC policy. You wouldn’t have much success getting your messages delivered. What you want to remember is this: only send from domains that you control.
Well, what is DMARC you ask? No, it’s not a designer or new garment fresh off the runway, but it is an important email security trend that is right on point. DMARC stands for Domain-Based Message Authentication, Reporting and Conformance. It leverages SPF and DKIM as authentication mechanisms to determine if the mail being sent is legitimate. With this new policy, domain owners can indicate how they want to handle mail coming from their domain that fails these specifications and how they receive reporting on it. This may not be something you will need to put in place at your organization, but it is important to understand.
I like to think that DMARC affects the sender in two parts:
- The domain used as your “from” address
The sending domain (email address) that you use for your email marketing will determine how receivers handle and classify the email you send. If you do not own the domain you are sending from, your mail may be rejected or classified as spam.
- The domain that is owned by you/your organization
Creating your own DMARC policy will allow added protection against fraudulent and harmful messages in the event that a spammer uses your domain without your permission.
DMARC provides an easy way to identify an email’s legitimacy, protects against fraud, simplifies delivery, and builds a positive domain reputation (as an added bonus, this may improve the IP you are sending from.) Having this mechanism in place can also guard against spammers and help prevent phishing attempts.
How is DMARC deployed?
Once SPF and DKIM authentication are completed, a domain owner may then create another TXT record for DMARC. When a policy has been established, the domain owner can receive reporting on all mail sources that use that domain as well as whether or not that mail is passing SPF and DKIM. Once you begin sending with this policy in place, mail receivers will see the DMARC record and treat the mail accordingly. If you are not ready to set a strict policy to affect mail delivery, you can always just create the record in ‘reporting mode’ to allow you to see how your domain is being used on the internet. See example of some reporting you may see below:
Email authentication never goes out of style, but if you want to make a statement and follow the trend, then think about setting up a DMARC policy. Just remember, your email may be runway ready, but don’t forget what goes on behind the scenes!
Ready for more tips to make sure your messages land in the inbox? Check them out here.