As we all know, email is still the primary gateway for cybercriminals looking to steal sensitive information, spread malware or to launch phishing attacks. To combat these ongoing threats, email security protocols have evolved over time. In addition, email sending standards have also changed and have become more thorough.
Thus, companies that haven’t kept up with these innovations may have substantial email security and deliverability gaps. In our experience, in fact, most small and mid-sized businesses do indeed fall short in this regard.
Problem is: how can you quickly discern whether your business might be one with an email settings problem? Today, we’ll show you how to find out for yourself with a few simple clicks.
For this example, we will highlight just one of those email settings: DMARC.
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It is a protocol that uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to verify the authenticity of an email message. Essentially, DMARC allows domain owners to specify how incoming email messages from their domain should be handled, providing a way to combat email spoofing and phishing attacks.
Why is DMARC important for email security?
Email spoofing is a common technique used by cybercriminals to send emails that appear to be from a legitimate source but are, in fact, fraudulent. DMARC helps prevent spoofing by authenticating email messages, allowing the recipient’s email client to automatically verify that the message is from a trusted source.
DMARC also provides reporting capabilities, enabling domain owners to receive reports on how their domain is being used for email messages. This can help identify and block unauthorized use of the domain for phishing or spamming purposes.
Implementing DMARC can also improve email deliverability, as it reduces the likelihood of legitimate emails being caught by spam filters. When an email message fails DMARC checks, the recipient can choose to reject or quarantine the message, preventing it from reaching the inbox.
So, why are you telling me about DMARC?
Here’s why. Visit the following page and enter your company’s url: www.mxtoolbox.com
As an aside, MX Toolbox is a handy site for discovering certain high-level, publicly available insights about a domain, its web presence and email services, but we’ll focus only on DMARC today.
If you run your domain and the results look like ours do, with three green checkmarks:
…it means someone has thoughtfully set up your organization’s email. Optimal email security doesn’t happen by itself, unfortunately.
If, however, your results contain some combination of red and yellow checkmarks like the image below, the odds are high that the rest of your email settings are also poorly set up.
The rest of my settings?
Yes, DMARC is just one of 11 key email security and deliverability settings we review and fix on behalf of new clients.
Ultimately, our suggestion for today is this: take 30 seconds to click the link above, then enter your email address at MX Toolbox. If you don’t see 3 green checkmarks showing that one of your most fundamental email settings is correct, you should seek out expert guidance because larger security and deliverability issues almost certainly exist.

