Do these situations sound familiar to you?
Have your colleagues ever received an email with a spoofed sender address from your own domain- e.g. has your accountant received an invoice from a manager that has never been sent from his address?
Has your customer received a complaint from you that has never been sent?
Did somebody try to trick your employees to steal your company’s data?
How can you be sure that the email received is genuine and not fake?
What to do?
The following free technologies for email security and reliability will help answer these and other questions related to the authenticity of the email.
SPF (Sender Policy Framework)
A list of your trusted senders' server addresses will be created and put in your DNS that will describe what the recipient will do if they receive email from your domain outside of these trusted addresses.
DKIM (Domain Key Identified Mail)
Will ensure that the content of the e-mail (sender's field FROM, etc.) is signed with a private key, so the recipient will be able to make sure that the sender is really you and content of the email has not been altered while in transit.
DMARC (Domain-based Message Authentication, Reporting and Conformance)
Provides you with the ability to determine what the recipient should do with unverified emails, such as quarantining immediately without ever exposing them to end users.
How can we help?
Although these technologies are free and do not require additional investment in your infrastructure, they require detailed plan preparation, careful implementation, analysis, and further monitoring.
dots. experts will implement these technologies for your organization to ensure e-mail security and reliability. While you may find many automation tools online claiming to help you implement DMARC, we go beyond that.
Our service includes a full DMARC implementation lifecycle, including implementation of DKIM signing on your servers and analysis of DMARC reports sent by external parties on your behalf. The implementation process itself is delivered remotely and you will not have to grant administrator rights for your infrastructure to us (any high privilege operations can be performed by your staff as a pair change management exercise under our supervision).