Large companies across the world receive phishing emails every day. There are a number of these companies who are still not aware of DMARC, however, a large number of big companies have started following DMARC policies. Companies that have adopted DMARC have seen impressive results in the fall of suspicious emails entering the company domain as well as misuse of company domain.
With DMARC into practice, spoofed emails in your domains get rejected avoiding any CEO to CFO level of fraud attacks. It is really challenging to tell apart a fake email from an authentic one. Email providers keep struggling in deciding authentic harmless emails to be delivered to users against the fake harmful emails to reject. DMARC is the solution for these problems. It helps email senders and receivers work together to better secure emails, protecting users and brands from painfully costly abuse.
There is a deciding parameter p in DMARC settings. The parameter p can take 3 values, which are none, quarantine or reject.
- P=none : DMARC is giving no advice to the receiving MTA (Message Transfer Agent).
- P=quarantine : Any email that fails DKIM or SPF checks is marked as suspicious and informed to MTA
- P=reject : Emails failing the mandatory DKIM , SPF and additional checks are marked rejected and advised the same to MTA.
What are the consequences of p=reject?
Third party people sending email using your domain will come down greatly.
Email phishing attacks can be avoided.
Which companies have adopted to DMARC’s reject policy?
Following big companies have already adopted DMARC’s reject policy to stay more safe and secure.
- Yahoo!
- Microsoft
- Wikipedia
- Blogspot
- Uber
- Whirlpool