The day of DMARC being mandatory

By Rui Serra • April 23, 2025

As the largest players in the email space acknowledge the need for DMARC, the entire ecosystem will become restricted to those who follow the rules.

Very recently, Microsoft decided to enforce DMARC for the big email senders, as seen here. This move came after similar ones by Google, eBay, and other large companies that host the majority of consumer and enterprise email. Before that, the email security players were already strongly inclined to make authentication protocols a big part of their security filtering.

We will likely see a series of rulesets culminating in a requirement that all email flowing through the internet MUST have proper DKIM and SPF (and DMARC) or be deemed spam.

 

But isn't DMARC just reporting on top of DKIM and SPF?

DMARC is essential because it protects your domain from being used in phishing and spoofing attacks. It ensures only authorized senders can use your domain, improves email deliverability, protects your brand's reputation, and gives visibility into who is sending emails on your behalf. It works together with SPF and DKIM for strong email authentication.

 

What's the final goal?

To block or filter large senders that are spoofing other domains or simply spamming, by combining mail flow rules (transport rules), bulk complaint level (BCL) filtering, and DMARC/DKIM/SPF enforcement.

 

Simply speaking, what should legit organizations do?

First, set up DKIM and SPF, and then configure DMARC, just to obtain records.

Next, organizations need specialized tools to help them understand which IPs are sending email for their domains, whether those IPs should be doing so, and whether they are well configured.

Finally, use DMARC policies with p=reject or p=quarantine to prevent others from impersonating your domain.

 
