As we all know, email is still the primary gateway for cybercriminals looking to steal sensitive information, spread malware or to launch phishing attacks. To combat these ongoing threats, email security protocols have evolved over time. In addition, email sending standards have also changed and have become more thorough.
Thus, companies that haven’t kept up with these innovations may have substantial email security and deliverability gaps. In our experience, in fact, most small and mid-sized businesses do indeed fall short in this regard.
Problem is: how can you quickly discern whether your business might be one with an email settings problem? Today, we’ll show you how to find out for yourself with a few simple clicks.
For this example, we will highlight just one of those email settings: DMARC.
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It is a protocol that uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to verify the authenticity of an email message. Essentially, DMARC allows domain owners to specify how incoming email messages from their domain should be handled, providing a way to combat email spoofing and phishing attacks.
Why is DMARC important for email security?
Email spoofing is a common technique used by cybercriminals to send emails that appear to be from a legitimate source but are, in fact, fraudulent. DMARC helps prevent spoofing by authenticating email messages, allowing the recipient’s email client to automatically verify that the message is from a trusted source.
DMARC also provides reporting capabilities, enabling domain owners to receive reports on how their domain is being used for email messages. This can help identify and block unauthorized use of the domain for phishing or spamming purposes.
Implementing DMARC can also improve email deliverability, as it reduces the likelihood of legitimate emails being caught by spam filters. When an email message fails DMARC checks, the recipient can choose to reject or quarantine the message, preventing it from reaching the inbox.
So, why are you telling me about DMARC?
Here’s why. Visit the following page and enter your company’s url: www.mxtoolbox.com
As an aside, MX Toolbox is a handy site for discovering certain high-level, publicly available insights about a domain, its web presence and email services, but we’ll focus only on DMARC today.
If you run your domain and the results look like ours do, with three green checkmarks:
…it means someone has thoughtfully set up your organization’s email. Optimal email security doesn’t happen by itself, unfortunately.
If, however, your results contain some combination of red and yellow checkmarks like the image below, the odds are high that the rest of your email settings are also poorly set up.
The rest of my settings?
Yes, DMARC is just one of 11 key email security and deliverability settings we review and fix on behalf of new clients.
**UPDATE:
Since we first published this article, we created our own proprietary tool for checking an organization’s email security. We call it the Email Security Spotlight and it is available here: https://kaufmanit.com/emailsecurity/
This new app from KaufmanIT provides an easy-to-read summary of your company’s email settings. Enter any valid business email and in just 30 seconds, you’ll know if you have an email security gap that needs fixing.
Unsure if your company’s email posture is safe from hackers? Don’t stay in the dark. Use KaufmanIT’s Email Security Spotlight right now and find out!
