Aggregate DMARC reports explained

In order to receive DMARC aggregate reports an organization needs to create a DMARC record and publish it into the DNS. After publishing a DMARC record an organization be able to receive DMARC aggregate reports from all ISP’s that are supporting DMARC. These aggregate reports contain crucial information to secure an organization’s domains. This article …

Things to do after collecting your first DMARC data

You have implemented domains to your dashboard, added a DMARC record into your DNS and now receive data. What to do next? In this article we will tell you how you should analyze your data. After you took the first steps of deploying DMARC you will be generating data. You can now start analyzing the …

How to approach vendors with DMARC related questions?

Deploying DMARC for all domains can be a hard process. During this process a lot of sources need to be set up correctly in order to send DMARC compliant email. Some sources have documentation available on how to let their emails become DMARC compliant. However most sources do not and therefore it can be difficult …

What is a DMARC report?

In this article we will cover what a DMARC report is. What a DMARC report look like, what you can do with it and how can you get them? Who sends DMARC reports? When you publish a DMARC record, a lot of ISP’s (i.e. Google, Microsoft, Yahoo, etc.) will send you DMARC reports. These reports …

What does DMARC compliant mean?

In this blog article we will cover what DMARC compliance is and how to become DMARC compliant. In order to fully implement DMARC, being DMARC compliant is key. What is DMARC compliance? With DMARC it is possible to gain full insight on your email channel, choose from three different DMARC policies and protect your domains …

What to do with sources failing the DMARC checks?

In this article we will cover what to do if you find sources failing the DMARC checks. You can find these sources in the per sending overview of the ‘DMARC aggregate reports’ section. Why is a source marked as failed? The reason a source is marked as failed, is because the email(s) from this source …

What is forwarding within DMARC?

Forwarding is a bit of an edge case within DMARC. Forwarding happens when an email receiver forwards your email to another recipient. Log in on app.dmarcanalyzer.com and go to “DMARC aggregate reports” → “Per sending source” to see detailed statistics about your forwarded emails. There are two types of forwarding:   1. Manual forwarding Manual …

What does the SPF failure mean?

When aligning sources in DMARC Analyzer it’s possible that you will see several failures. But what do all these failures mean? Below we created a legenda with all possible failures. SPF SPF records can contain multiple ‘mechanisms’. These are parts of the SPF record while describe (a set of) valid sending IP addresses for this …

5 common mistakes to avoid when deploying DMARC

Deploying DMARC can be an overwhelming and complicated process. In this article we will cover the 5 common mistakes to avoid when deploying DMARC. 1. Not setting up parked (inactive) domains All companies implement DMARC for their active domains. However most companies also have parked (inactive) domains and do not implement DMARC for them. Not …

How to start with DMARC in 5 steps

Doing all above means you are in the ‘Governance’ fase. Please refer to the following article 5 steps to a DMARC reject policy for more information about all stages within a DMARC deployment project.

What is spoofing?

Email spoofing is the forgery of an emailheader. This so that the receiver of the message thinks that the sender originated from someone or somewhere other than the actual source. Spoofing through email is an often used tactic for phishing- and spam campagnes. People will open an email more often when they think it has …

What is Storage spoofing?

Cybercrime is becoming more and more ingenious by the day. One of the latest forms of phishing attempts, we came across at one of the world’s busiest harbours, shows that even storage facilities aren’t safe when it comes to cybercrime and phishing attacks. Storage spoofing attacks are mainly aimed at national and multinational companies that …