
Protecting your brand from email phishing: DMARC enforcement guide

gdpr_guru (Compliance Specialist)

We discovered phishing emails being sent from our domain. Here is how we used DMARC enforcement to stop it.

The problem

Without DMARC enforcement, anyone can put your domain in the visible "From" header. SPF and DKIM on their own do not close this gap: SPF checks the envelope sender (MAIL FROM) and DKIM checks whichever domain signed the message, and neither has to match the From domain the recipient actually sees. DMARC adds that alignment check and, through the published policy, tells receiving servers what to do when it fails; with no DMARC record (or p=none), they have no instruction to act on and deliver the spoofed mail as if it were legitimate.

The solution: DMARC at p=reject

  1. Publish p=none with an rua= reporting address and collect aggregate reports for 4 weeks
  2. Identify all legitimate sending sources in the reports (corporate mail, marketing platform, ticketing system, and any other third party that sends as your domain)
  3. Ensure SPF and DKIM pass and align with your From domain for every legitimate sender (fix SPF includes, publish DKIM keys for third-party senders)
  4. Move to p=quarantine for 2 weeks, using pct= to ramp gradually if the reports still show failures from sources you are unsure about
  5. Move to p=reject once confident, and set sp= so that subdomains do not remain at a weaker policy

After reaching p=reject, phishing attempts using our domain dropped to zero because receiving servers now reject unauthorized emails outright.

#security #phishing #dmarc
111
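The rollout above hinges on two mechanical tasks: publishing the right TXT record at each stage, and reading the aggregate (rua) reports to find out which sources send as your domain and whether they align. The following is an added example, not code from the original post or from any specific vendor. It builds the `_dmarc` record value for each stage and parses a constructed aggregate report in the RFC 7489 Appendix C layout; the domain names, IP addresses, report ID and mailbox used below are made up for the example.

```python
"""Added example for a DMARC rollout (not from the original post).

dmarc_record() builds the _dmarc.<domain> TXT value for one stage of the
p=none -> p=quarantine -> p=reject progression.

summarize_aggregate_report() parses a DMARC aggregate (rua) report and
groups message counts per sending IP into DMARC pass / fail buckets, which
is the "identify all legitimate sending sources" step: anything in the
fail bucket is either a sender you still need to authenticate or a spoofer.

All names, IPs and the report XML below are constructed for the example.
"""
import xml.etree.ElementTree as ET
from collections import defaultdict


def dmarc_record(policy: str, rua: str, pct: int = 100, subdomain_policy: str = "") -> str:
    """Return the TXT record value for one rollout stage.

    policy: "none", "quarantine" or "reject" (RFC 7489 'p' tag).
    rua: mailto: URI that receives aggregate reports.
    pct: share of failing mail the policy applies to ('pct' tag); lets you
         ramp into quarantine/reject instead of flipping all at once.
    subdomain_policy: optional 'sp' tag so subdomains do not keep a weaker policy.
    adkim/aspf are left at their default (relaxed) alignment.
    """
    if policy not in ("none", "quarantine", "reject"):
        raise ValueError(f"unknown DMARC policy: {policy}")
    if not 0 <= pct <= 100:
        raise ValueError("pct must be between 0 and 100")
    tags = ["v=DMARC1", f"p={policy}", f"rua={rua}"]
    if subdomain_policy:
        tags.append(f"sp={subdomain_policy}")
    if pct != 100:
        tags.append(f"pct={pct}")
    return "; ".join(tags)


# Constructed aggregate report, trimmed to the fields used below.
# Record 1 is the legitimate bulk-mail provider; record 2 is an unknown host.
SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
  <report_metadata>
    <org_name>example-receiver.net</org_name>
    <report_id>12345</report_id>
  </report_metadata>
  <policy_published>
    <domain>example.com</domain>
    <p>none</p>
  </policy_published>
  <record>
    <row>
      <source_ip>198.51.100.10</source_ip>
      <count>1200</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated>
    </row>
    <identifiers><header_from>example.com</header_from></identifiers>
  </record>
  <record>
    <row>
      <source_ip>203.0.113.77</source_ip>
      <count>350</count>
      <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated>
    </row>
    <identifiers><header_from>example.com</header_from></identifiers>
  </record>
</feedback>
"""


def summarize_aggregate_report(xml_text: str) -> dict:
    """Group per-IP message counts into DMARC pass / fail buckets.

    DMARC passes when aligned DKIM or aligned SPF passes. The dkim/spf values
    under <policy_evaluated> in an aggregate report are already the aligned
    results, so that is what is checked here (the raw auth_results are not
    needed for this decision).
    """
    root = ET.fromstring(xml_text)
    passing, failing = defaultdict(int), defaultdict(int)
    for record in root.iter("record"):
        row = record.find("row")
        ip = row.findtext("source_ip")
        count = int(row.findtext("count", "0"))
        dkim = row.findtext("policy_evaluated/dkim")
        spf = row.findtext("policy_evaluated/spf")
        bucket = passing if "pass" in (dkim, spf) else failing
        bucket[ip] += count
    return {
        "domain": root.findtext("policy_published/domain"),
        "published_policy": root.findtext("policy_published/p"),
        "pass": dict(passing),
        "fail": dict(failing),
    }


if __name__ == "__main__":
    for stage in ("none", "quarantine", "reject"):
        print(dmarc_record(stage, "mailto:dmarc-reports@example.com"))
    report = summarize_aggregate_report(SAMPLE_REPORT)
    print("sources passing DMARC:", report["pass"])
    print("sources failing DMARC (authenticate or they are rejected at p=reject):", report["fail"])
```

Everything in the fail bucket has to be classified before moving past p=none: a legitimate sender that shows up there needs an SPF include or a DKIM key, while an unknown source is the spoofing the policy is meant to stop. Real reports arrive gzipped or zipped as mail attachments, so in practice this parser is fed the unpacked XML of every report across the collection window.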

2 Comments

devops_dave

DMARC at p=reject is the only real solution. Anything less leaves your domain open to spoofing. The path from none to reject just takes patience.

15
api_andrea (Developer)

DMARC at p=reject also improves your deliverability because ISPs trust authenticated senders more. It is a security AND deliverability improvement.

13