How should I setup parked/inactive domains?

Most companies have a set of active domains which they use to send mail from. However most of the time there are also parked (or inactive) domains. These are domains which have been registered by a customer, but which are not used to send email or host a website. This can be ‘typo domains’ or …

What is forwarding within DMARC?

Forwarding is a bit of an edge case within DMARC. Forwarding happens when an email receiver forwards your email to another recipient. Log in on app.dmarcanalyzer.com and go to “DMARC aggregate reports” → “Per sending source” to see detailed statistics about your forwarded emails. There are two types of forwarding: 1. Manual forwarding Manual forwarding …

5 common mistakes to avoid when deploying DMARC

Deploying DMARC can be an overwhelming and complicated process. In this article we will cover the 5 common mistakes to avoid when deploying DMARC. 1. Not setting up parked (inactive) domains All companies implement DMARC for their active domains. However most companies also have parked (inactive) domains and do not implement DMARC for them. Not …

How to approach vendors with DMARC related questions?

Deploying DMARC for all domains can be a hard process. During this process a lot of sources need to be set up correctly in order to send DMARC compliant email. Some sources have documentation available on how to let their emails become DMARC compliant. However most sources do not and therefore it can be difficult …

What is Storage spoofing?

Cybercrime is becoming more and more ingenious by the day. One of the latest forms of phishing attempts, we came across at one of the world’s busiest harbours, shows that even storage facilities aren’t safe when it comes to cybercrime and phishing attacks. Storage spoofing attacks are mainly aimed at national and multinational companies that …

Set up two factor authentication for additional security

DMARC Analyzer takes the security of your data very serious. We protect our systems with the latest techniques. For us this is obvious as your account is filled with valuable information describing your companies infrastructure. However next to the security we can implement, we also believe it is very important for our users to have …

How long does it take for the reports to appear in DMARC Analyzer?

The first step to start implementing DMARC is to update your DNS record as instructed by our setup. However you may not directly see results in the tool. ISPs (/ DMARC report senders) may cache the results of the DNS records for up to 72 hours (independent of the TTL of your DNS records). So, …

I’m missing forensic reports?!

Are you missing reports in the forensic section? This can have several causes. We try to explain possible causes of this here. Not all ISP’s send forensics Not all ISP’s send the forensic reports. This is mostly due to privacy considerations, but also due to performance related issues. Providing a copy of invalid messages to …

How to redeem a coupon?

Thank you for your interest in DMARC Analyzer! As you’ve visited this page, this means you intent to sign up to DMARC Analyzer. And you have a valid coupon at your disposal! Follow these steps to redeem this coupon while signing up: Register for a DMARC Analyzer account or login to your account Go to …

When to enforce the DMARC policy to reject?

The following article covers when an organization is ready to enforce the DMARC policy. We give comprehensive guidance on how to enforce the DMARC policy and discuss whether it is always desirable to enforce the DMARC policy to reject. What DMARC policies are available and what impact do they have on email delivery? Within DMARC …

Unknown sources in the DKIM aligned section

You may see sources you do not recognize in the ‘ DMARC compliant – DKIM aligned’ section. This may occur if you send DKIM signed email to these sources and the recipient has configured a forward. This would mean the original receiving server of the message will forward the message to the new destination as …

What is alignment?

DMARC is all about verifying that the address in the ‘From’ header is the actual sender of the message. To achieve this, the technical settings to verify senders DKIM and SPF are used. However, both DKIM and SPF do not require the From header and the user identity for either DKIM or SPF to match. …

DMARC Aggregate reports

In order to receive DMARC aggregate reports an organization needs to create a DMARC record and publish it into the DNS. After publishing a DMARC record an organization be able to receive DMARC aggregate reports from all ISP’s that are supporting DMARC. These aggregate reports contain crucial information to secure an organization’s domains. This article …

Things to do after collecting your first DMARC data

You have implemented domains to your dashboard, added a DMARC record into your DNS and now receive data. What to do next? In this article we will tell you how you should analyze your data. After you took the first steps of deploying DMARC you will be generating data. You can now start analyzing the …

What does DMARC compliant mean?

In this blog article we will cover what DMARC compliance is and how to become DMARC compliant. In order to fully implement DMARC, being DMARC compliant is key. What is DMARC compliance? With DMARC it is possible to gain full insight on your email channel, choose from three different DMARC policies and protect your domains …