How do you implement DMARC to secure your domain?
You have decided that you need to secure your domain from Spammers and Phishing, how do you implement DMARC to ensure your domain is secure?
DMARC is the final link in the chain. You achieve this using Sender Policy Framework (SPF) , Domainkeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC).
How do you implement DMARC – Discovery
We start a DMARC implementation project with a Discovery process. This covers items including:-
- What domains do we need to cover
- Do all the domains send email?
- Who controls the DNS for the domains?
- What email system do you use, Google, Office 365, Exchange, SMPT Servers etc
- Do you send mail from other systems? i.e. CRM, Email marketing system
- How many users do you have?
How do you implement DMARC – Analysis
We configure your domains in our DMARC monitoring system, for the free evaluation period. At this point, we don’t change your SPF or DKIM records.
If you already have a DMARC record we will provide you with an updated DMARC record that allows us to collect the DMARC aggregate reports (rua address). During this analysis the DMARC Failure Policy *, p tag, will be set to none.
*Policy failure options are:-
- p=none – Do nothing, let the email through. Normally used during setup and discovery
- p=quarantine – Send the email through to Spam and let the end user decide
- p=reject – Reject the email
How do you implement DMARC – Report
At the end of your analysis period we will present you with a report that that shows you:-
- The volume of emails that are reported as compliant
- The emails that are non-compliant, based on the current policy.
- Whether they failed on SPF Policy, DKIM alignment or both.
- The DMARC Policy that was applied, during analysis this will be none.
- Where ‘Senders’ are in the world.
How do you implement DMARC – Project Plan
The scope of an implementation plan depends on the complexities found during the Analysis. This depends on the age of the domain, the volume of email, and the different senders found.
For a new small business, it is sometimes possible to directly implement a new policy. For more mature businesses there is an element of ‘clean up’ that needs to be carried out over a period of time. During this process, we work with your information security team to ensure they understand the process and updates.
This tends to be an iterative process as new ‘senders’ are discovered that the Information Security Team were previously unaware of. We also ensure that your Information Security Team are aware of the correct process for approving new ‘Senders’ so that the SPF and DMARC Policy records are updated correctly.
How do you implement DMARC – Costs
Following implementation, we continue to monitor the implementation and provide monthly reports. Where necessary the reports will include additional recommendations to fine-tune DMARC and SPF records.
The monthly costs for the ongoing service are:-
- DMARC Monthly Monitoring and Reporting 1-50 users £23.75
- DMARC Monthly Monitoring and Reporting 51-150 users £55.00
- DMARC Monthly Monitoring and Reporting 151-500 users £125.00
How do you implement DMARC - Next Steps
To find out more about DMARC and how it can help your business complete the form on the right. We can set up a 2 week trial and provide you with a Free DMARC status report.
This will highlight:-
- The volume of email sent during the period
- How much of the email was compliant
- The volume of emails sent illegally
- Where the illegal email is coming from
- Next steps
