
Is an EmailAuth DMARC policy truly right for everyone?


Recent research made the odd claim that the great majority of businesses should avoid publishing a DMARC record with an enforcement policy (p=quarantine or p=reject). According to this research, doing so would actually harm email deliverability. This is true if you hurry the enforcement process without taking the time to properly verify your sending services.

DMARC at enforcement, in fact, enhances your email deliverability when you put in the time and effort. Moreover, if your site has been heavily phished, the improvement might be significant.


The problem, as stated above, lies in neglecting to properly approve a service that you are actually utilizing. If you do this, upgrading to DMARC enforcement will result in the blocking of genuine (but incorrectly approved) email communications. This is a real concern, especially for overburdened IT administrators who are just trying to keep the mail flowing but are now tasked with keeping up with all the nuances of DMARC, SPF, and DKIM, as well as dealing with the many variations in how different cloud service providers authenticate email (or don't), interpreting DMARC reports, determining which department owns which cloud service, and so on.

But what about the wider argument that DMARC is only useful in a few specific use cases? That reasoning contradicts current thought.


Why Is Authentication Good for Deliverability?

Nearly every major email service, including Google, Microsoft, and Verizon Media (Yahoo Mail and AOL Mail), advocates using DMARC at enforcement. M3AAWG, an industry association, also promotes DMARC enforcement as an email deliverability best practice. This is because enforcement ensures that recipients know without a doubt who controls the domain from which an email message originates. This is an important signal that mail providers use.

The data is clear that after publishing a DMARC record with an enforcement policy, deliverability improves significantly, for the simple reason that poor emails sent in your name no longer count against your reputation.


According to an HMRC report, after introducing DMARC at enforcement, deliverability rates increased from 18% to 98%. To be precise, HMRC's experience is an outlier. It was frequently spoofed, and as a result, the reputation of its domain with most email recipients was in the toilet.


Authentication is the Way Ahead

The efficacy of authentication (with DMARC at enforcement) is a major reason why these mail providers will ultimately adopt a ‘No Auth, No Entry’ policy, which means that they will only deliver mail if it authenticates in the way required by DMARC. That day has not yet arrived, but it is growing closer as the pace of DMARC adoption increases globally.


DMARC compliance is critical for maintaining confidence as the world embraces new email features that boost engagement and conversion rates. Many people are thrilled about AMP for Email, a new approach to delivering efficient, interactive content through email messages. Naturally, there are security issues with sending more sophisticated interactive code over email, and businesses may alleviate these worries by verifying their sending domains. That is accomplished, as you may have guessed, through the use of DMARC at enforcement.


Furthermore, if you wish to use BIMI, a new standard that allows senders to display an image or logo along with their email messages, you'll need a DMARC record with the policy ‘p=quarantine’ or ‘p=reject’. In other words, enforcement.


Challenges to Enforcement 

Yes, there are challenges in ensuring that every genuine service from which you wish to send email is correctly authenticated. If you wish to approve Mailchimp, Hubspot, Asana, system update emails, email discussion lists, invoices, payroll, and credit card processing receipts, for example, you must verify that SPF and DKIM are set up correctly.
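An added example, not part of the original post: before moving from p=none to enforcement, DMARC aggregate reports show which sending sources would have their mail quarantined or rejected. This sketch parses a constructed report in the RFC 7489 aggregate layout (the function name, domains and IPs are illustrative placeholders) and separates sources that authenticate as some other domain, typically a legitimate service that still needs SPF/DKIM alignment, from sources that do not authenticate at all.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the RFC 7489 aggregate-report layout, trimmed to the
# fields used below. Domains and IPs are documentation placeholders.
SAMPLE_REPORT = """<feedback>
<policy_published><domain>example.com</domain><p>none</p></policy_published>
<record><row><source_ip>192.0.2.10</source_ip><count>900</count>
 <policy_evaluated><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
 <auth_results><dkim><domain>example.com</domain><result>pass</result></dkim>
 <spf><domain>example.com</domain><result>pass</result></spf></auth_results></record>
<record><row><source_ip>198.51.100.7</source_ip><count>60</count>
 <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
 <auth_results><dkim><domain>esp-mail.example</domain><result>pass</result></dkim>
 <spf><domain>bounce.esp-mail.example</domain><result>pass</result></spf></auth_results></record>
<record><row><source_ip>203.0.113.99</source_ip><count>40</count>
 <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
 <auth_results><spf><domain>example.com</domain><result>fail</result></spf></auth_results></record>
</feedback>"""

def enforcement_impact(report_xml):
    """Return (total_messages, {(source_ip, finding): count}) for mail that
    fails DMARC and would be affected by p=quarantine or p=reject."""
    # Reports come from third parties; in production use a hardened XML
    # parser (for example defusedxml) and cap the input size.
    root = ET.fromstring(report_xml)
    total, affected = 0, Counter()
    for rec in root.iter("record"):
        count = int(rec.findtext("row/count", "0"))
        total += count
        aligned = (rec.findtext("row/policy_evaluated/dkim"),
                   rec.findtext("row/policy_evaluated/spf"))
        if "pass" in aligned:      # DMARC passes if either aligned check passes
            continue
        # Domains that authenticated but are not aligned with the From domain:
        # usually a real service that still needs custom DKIM or SPF set up.
        passed = sorted({a.findtext("domain") for a in rec.iterfind("auth_results/*")
                         if a.findtext("result") == "pass"})
        finding = "unaligned: " + ",".join(passed) if passed else "unauthenticated"
        affected[(rec.findtext("row/source_ip"), finding)] += count
    return total, dict(affected)

if __name__ == "__main__":
    total, affected = enforcement_impact(SAMPLE_REPORT)
    for (ip, finding), n in sorted(affected.items()):
        print(f"{ip:15} {n:5}/{total}  {finding}")
```

Sources reported as "unaligned" are the ones to fix before changing the policy; "unauthenticated" sources sending as your domain are the mail that enforcement is meant to stop.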


This is not an impossible task; it is certainly doable. In reality, EmailAuth accomplishes this on behalf of our clients every day. This is due to our understanding of how the contemporary email environment operates. We have a thorough knowledge of (and relationships with) all of the world's main email-sending providers, which allows us to precisely identify and authorize them.


In a nutshell, enforcement works. It improves email deliverability, is recommended by major email receivers, and positions you well to take advantage of future email advancements that will make email an even more potent marketing tool.

Anyone who tells you that you shouldn't publish a DMARC policy or that you need not be involved in enforcement is underestimating DMARC's potential.


Original source: https://telegra.ph/Is-an-Emailauth-DMARC-policy-truly-right-for-everyone-01-18


