Email providers like Google, Yahoo, and Apple are all beginning to block bulk email senders that don’t have DMARC in place. Simply put, that will mean that your and your clients’ emails will not make it to their intended destination. In time, this rule will apply to all emails you send.
Unfortunately, with deadlines looming and sanctions starting to be put in place, the vast majority of organizations have either done nothing or have done the bare minimum.
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It is a standard for verifying that emails are legitimately being sent by you, and not by a host of bad actors pretending to be you by impersonating your brand.
DMARC builds on earlier email authentication protocols like Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), both of which worked well to ensure marketing emails reach intended mailboxes in an ethical way.
DMARC allows you to specify policies for how receiving email servers should handle emails that fail authentication checks. If someone fails an authentication check using your domain or a domain you control, the DMARC policy can, for example, instruct the receiving server to take actions such as quarantining or rejecting those emails.
DMARC also provides you with reporting capabilities, allowing you to receive reports on email authentication results, including information about successful and failed email authentication attempts, as well as where they originated from.
Why is DMARC important to you as an agency?
With email being such an important acquisition and retention channel, it makes sense to ensure that your agency meets the required standard so that your email deliverability is not negatively impacted.
It also makes sense for you to protect your and your clients’ hard-earned brand reputation and ensure that all emails sent from your domains are legitimate.
Benefits of a DMARC setup
- Email Deliverability – The chances of your email being rejected or being marked as SPAM are greatly reduced, helping to ensure that your emails get through filters as intended.
- Brand Protection and Security – You protect your brand from email spoofing and phishing attacks. Bad actors are not able to easily imitate an email from a trusted domain like yours.
- Visibility and Insight – The reporting capability that DMARC provides gives you valuable insight into how your and your clients’ domains are being used, allowing you to quickly identify performance issues and other problems.
- Compliance – By implementing DMARC, you demonstrate a commitment to secure and trustworthy email practice, allowing you to comfortably meet privacy regulations and other industry standards.
Risks if you don’t set up DMARC
- Brand email-based attacks – Without DMARC, your email and domain can be hijacked by bad actors who can spoof or impersonate your or your clients’ domains. This leaves you open to both reputational damage and financial loss.
- Reduced brand trust – Over time, if you become known for SPAM messages or phishing emails that appear to originate from a domain that you control, recipients will lose trust in your brand, reducing customer loyalty and engagement.
- Decreased email deliverability – Internet Service Providers and email platforms will likely flag your emails as suspicious, leading to decreased email deliverability and, as a result, lower engagement rates.
- Potential compliance issues – Depending on the industry your clients work in, you may fall foul of regulations such as HIPAA (Health Insurance Portability and Accountability Act) or GDPR (General Data Protection Regulation).
Who should use DMARC?
Effectively everyone who sends email, as DMARC helps ensure the security of that communication.
How DMARC Works
DMARC uses a combination of existing email authentication protocols to provide an additional layer of protection against email spoofing and phishing attacks.
- You send out an email using an email service that is authorised to send emails on your behalf. These services are authorised through SPF records published in DNS (Domain Name System).
- DKIM adds a digital signature to the emails verifying the integrity of the email content and confirming the authenticity of your domain.
- Using a DMARC policy published in your DNS records, receiving email servers will know what action to take if an email fails an SPF or DKIM check. The emails can be monitored, quarantined, or rejected.
- The email is either authenticated and makes it through to the intended recipient, or it fails authentication and doesn’t.
- DMARC ensures alignment between the domain you send the email from and the domains used in the SPF and DKIM checks.
- A report is then generated and sent to the domain owner. That can be an aggregated report, or a more in-depth forensic one.
How much does DMARC cost?
The answer nobody wants to hear. It all depends on a number of factors. Those include:
- DNS Hosting Fees.
- Email Service Provider Pricing.
- Size of Operation.
- Complexity of your email infrastructure.
- Time to deploy and test the solution.
With the costs and risks outlined above being so high, it is a relatively small price to pay to get you and your clients on top of your email security and reputation, while also improving the results of the email services you are trusted to deliver.
Starting the process of change may feel intimidating, but we can take ownership of that for you, removing the risk and worry. With phishing emails having increased by over 1,265% in the last year, it makes sense to get on top of your email security. Trust Cardonet to make the right changes to your DMARC to ensure that all legitimate emails are being sent, linking key agency systems such as your CRM and the like.
If you’re looking for a partner that can protect both your and your clients’ brands, while ensuring your email security, reach out to us today on +44 203 034 2244 or +1 323 984 8908. Alternatively, you can contact us online.