Cisco Secure Email + dmarcian


What

Cisco Secure Email is happy to announce our partnership with dmarcian!

dmarcian for Cisco

When

Now! This is available to all Cisco customers as of early December 2021.

For more information please contact Cisco:

Who is dmarcian?

dmarcian brings together thousands of senders, vendors, and operators in a common effort to build DMARC into the email ecosystem. dmarcian's customers range from banks, top internet properties, governments, marketing agencies, telecoms and commercial enterprises of all sizes. dmarcian users enjoy access to expert support, powerful tools, human friendly articles & videos, and a growing global network of DMARC deployment partners.

What is DMARC Alignment and Why Is it Important?

Alignment is a key concept in the introduction of DMARC; it is the requirement that the domain used for either a passing SPF or DKIM result MUST match the domain of the From header in the email message.

Though SPF and DKIM are mostly familiar technologies, it’s important to understand that neither SPF nor DKIM, on its own, has anything to do with the From address, which is what humans typically see on an email. This is why phishing, spoofing, Shadow IT and other unchecked use and misuse of domains run rampant today. There are very few controls that prohibit bad actors from sending an email as you. The primary control to observe and restrict email domain usage is DMARC.

Identifier alignment is at the heart of DMARC. It is what makes the connection between the authentication mechanisms of SPF and DKIM and the enforcement policy for unauthenticated mail as dictated in the DMARC record. Alignment refers to the relationship between the domain in the From Header address and the domains associated with SPF and DKIM authentication checks. Alignment requires that these domains match. Only emails that are aligned can pass DMARC. A mismatch in domains will result in a DMARC fail.

Are Your SPF and DKIM Identifiers Aligned?

The process of aligning your email proves to the outside world that a particular vendor or server has been explicitly authorized to send on your organization’s behalf. The big picture is that once you’ve aligned all of the mail you do want delivered, you can instruct email receivers to discard anything that you haven’t approved. Without alignment, degrees of uncertainty are introduced when an email receiver is attempting to confirm the origin and trustworthiness of a message.

As DMARC is a domain-based control, you will need to individually configure each vendor that sends email on your behalf. To do this, you’ll need to access your organization’s DNS and contact vendors to configure them to send aligned email. Each vendor, or source, as we’ve come to call it at dmarcian, will have a slightly different variation on how to configure alignment; these idiosyncrasies are why it’s important to understand how to identify and organize your sources and have an understanding of vendor management relative to your email ecosystem.

Often, third-party vendors will allow you to onboard their solution without the prerequisites for a DMARC project because they don’t want to introduce barriers to entry for their solution. In turn, many vendors have made email authentication optional, though nearly all of them support it. We’ve cataloged and detailed over 1,000 third-party sources, their capabilities, and instructions on how to configure related settings.

Your ultimate goal is to reach as close to 100% alignment as possible with each of your email vendors and then publish an increasingly restrictive DMARC policy of p=quarantine and p=reject. After fulfilling your alignment goal, follow this guide to understand more about each policy and to minimize the impact on legitimate email.

Why Use DMARC for Email?

Email is involved in more than 90% of all network attacks, and without DMARC it can be hard to tell if an email is real or fake. DMARC allows domain owners to protect their domain(s) from unauthorized use by fighting phishing, spoofing, CEO fraud, and Business Email Compromise.

By always sending DMARC compliant email, the operator of an Internet domain can tell the world “everything I send is easy to identify using DMARC—feel free to drop fake email that pretends to be me.”

DMARC’s utility as an anti-spoofing technology stems from a significant innovation; instead of attempting to filter out malicious email, why not provide operators with a way to easily identify legitimate email? DMARC’s promise is to replace the fundamentally flawed “filter out bad” email security model with a “filter in good” model.

If you’re curious about the health of your domain or anyone’s, use our free Domain Checker for a quick check. It inspects DMARC, SPF and DKIM and tells you which actions you need to take to reach compliance.

More about SPF, DKIM, DMARC

Sender Policy Framework (SPF) is used to authenticate the sender of an email. With an SPF record in place, Internet Service Providers can verify that a mail server is authorized to send email for a specific domain. An SPF record is a DNS TXT record containing a list of the IP addresses that are allowed to send email on behalf of your domain.

DomainKeys Identified Mail (DKIM) is used for the authentication of an email that’s being sent. Like SPF, DKIM is an open standard for email authentication that is used for DMARC alignment. A DKIM record exists in the DNS, but it is a bit more complicated than SPF. DKIM’s advantage is that it can survive forwarding, which makes it superior to SPF and a foundation for securing your email.

DKIM started in 2004 as a merger of two similar efforts, “enhanced DomainKeys” from Yahoo and “Identified Internet Mail” from Cisco, and has since been widely adopted for email authentication.

Domain-based Message Authentication, Reporting and Conformance (DMARC) is a free and open technical specification that is used to authenticate an email by aligning SPF and DKIM mechanisms. By having DMARC in place, domain owners large and small can fight business email compromise, phishing and spoofing. Co-authored by dmarcian’s founder, DMARC was first published in 2012.

With DMARC you can tell the world how to handle the unauthorized use of your email domains by instituting a policy in your DMARC record. The three DMARC policies are:

  • p=none
    Monitors your email traffic. No further actions are taken.
  • p=quarantine
    Sends unauthorized emails to the spam folder.
  • p=reject
    The final policy and the ultimate goal of implementing DMARC. This policy ensures that unauthorized email doesn’t get delivered at all.
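
The alignment check and the three policies described above, worked through as an added example (not code from Cisco or dmarcian). It goes slightly beyond the page by honoring the DMARC record's aspf/adkim tags, which select strict or relaxed alignment; the function names, sample domains and the small public-suffix set are assumptions made for illustration.

```python
from email.utils import parseaddr

# Constructed mini suffix set (assumption); real evaluators use the full Public Suffix List.
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk"}

def org_domain(domain):
    """Organizational domain: the public suffix plus one more label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])

def aligned(from_domain, auth_domain, mode):
    """mode 's' (strict) needs an exact match; 'r' (relaxed) compares organizational domains."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def parse_dmarc(record):
    """Split 'v=DMARC1; p=reject; adkim=s' into a tag dictionary."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def evaluate(from_header, spf, dkim, record):
    """spf is (result, MAIL FROM domain); dkim is a list of (result, d= domain).
    Returns (DMARC result, disposition). The pct and sp tags are ignored here."""
    tags = parse_dmarc(record)
    from_domain = parseaddr(from_header)[1].rpartition("@")[2]
    spf_ok = spf[0] == "pass" and aligned(from_domain, spf[1], tags.get("aspf", "r"))
    dkim_ok = any(res == "pass" and aligned(from_domain, dom, tags.get("adkim", "r"))
                  for res, dom in dkim)
    if spf_ok or dkim_ok:
        return ("pass", "deliver")
    return ("fail", tags.get("p", "none"))

# Constructed sample: a vendor sending as example.com from its own domain.
FROM = '"Billing" <billing@example.com>'
UNALIGNED = evaluate(FROM, ("pass", "bounce.vendor-mail.net"),
                     [("pass", "vendor-mail.net")], "v=DMARC1; p=reject")
# The same vendor after it is configured to sign with a subdomain of example.com.
ALIGNED = evaluate(FROM, ("pass", "bounce.vendor-mail.net"),
                   [("pass", "mail.example.com")], "v=DMARC1; p=reject")
# Strict DKIM alignment does not accept the subdomain signature.
STRICT = evaluate(FROM, ("pass", "bounce.vendor-mail.net"),
                  [("pass", "mail.example.com")], "v=DMARC1; p=quarantine; adkim=s")

if __name__ == "__main__":
    print(UNALIGNED, ALIGNED, STRICT)
```

The first case is the one the alignment section warns about: SPF and DKIM both pass for the vendor's own domain, yet DMARC fails because neither domain matches the From header.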

Getting Started

https://dmarcian.com/getting-started-with-dmarcian/

Videos

https://dmarcian.com/videos-on-all-things-dmarc/

Contact Cisco

For more information please contact Cisco - TODAY!

