A person taking an IT support telephone call in Cumbria

How DMARC and DKIM Can Protect Your Business Email

A guide to understanding the latest email security standards and why they matter.

What are DMARC and DKIM?

DMARC and DKIM are two acronyms that you may have heard of, but not fully understood. They are both email authentication protocols that help prevent spoofing, phishing, and spam. Spoofing is when someone sends an email pretending to be someone else, such as your bank, your boss, or your customer. Phishing is when someone tries to trick you into clicking a malicious link or giving away your personal information. Spam is when someone sends you unwanted or unsolicited emails, often with commercial or fraudulent intentions.

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It is a policy that tells the receiving email server how to handle emails that fail to authenticate with either SPF (Sender Policy Framework) or DKIM (DomainKeys Identified Mail). SPF is a protocol that verifies that the sender’s IP address matches the domain name in the email header. DKIM is a protocol that adds a digital signature to the email header, which can be verified by the recipient’s server using a public key published in the sender’s domain name system (DNS).

What are the recent changes made by Google and Yahoo?

Google and Yahoo, two of the largest email service providers in the world, have recently announced that they will enforce stricter DMARC policies for their domains, such as gmail.com and yahoo.com. This means that any email that claims to be from these domains, but fails to authenticate with SPF or DKIM, will be rejected or marked as spam by the recipient’s server. This is a good thing for the security and reputation of these domains, as it will reduce the chances of spoofing and phishing attacks.

However, this also means that if you are using a third-party email service or software to send emails to these domains, such as a marketing platform, a CRM system, or a newsletter tool, you may run into some issues. For example, if you are sending an email from [email protected] using a third-party email tool, the recipient’s server may reject or flag your email as spam, because it will not pass the DKIM and DMARC checks. This can hurt your email deliverability, your open rates, your conversions, and therefore this can hurt your sales.

Can DKIM and DMARC help to protect your brand?

One of the main goals of DKIM and DMARC is to prevent email spoofing and impersonation, which are common techniques used by cybercriminals to trick recipients into opening malicious emails, clicking on harmful links, or revealing sensitive information. Email spoofing and impersonation can damage your brand reputation, as well as cause financial losses, legal liabilities, and customer distrust. For example, if someone sends an email pretending to be from your company, asking for payment details, personal data, or login credentials, and the recipient falls for the scam, they may blame you for the fraud and lose confidence in your business.

By using DKIM and DMARC, you can effectively prevent email spoofing and impersonation, and protect your brand identity. DKIM allows you to digitally sign your emails with a cryptographic key, which proves that you are the legitimate sender of the email, and that the email has not been tampered with in transit. DMARC allows you to specify how the recipient’s server should handle emails that fail the authentication check and provides you with reports on the status of your email delivery and authentication. This way, you can ensure that only emails that come from you or authorized sources can claim to be from your domain, and that any fraudulent or suspicious emails are rejected or marked as spam. This will increase your email credibility, trustworthiness, and deliverability while reducing the risk of phishing and spoofing attacks.

Why do business owners need to pay attention?

If you are a business owner who uses email to communicate with your customers, prospects, partners, or employees, you need to pay attention to DMARC and DKIM. They are not just technical jargon; they are essential for your email security and reputation. By implementing DMARC and DKIM for your own domain, you can protect your brand from spoofing and phishing attacks and ensure that your emails reach your intended recipients. You can also monitor and analyse your email authentication performance and identify and fix any issues that may affect your email deliverability.

To implement DMARC and DKIM for your domain, you will need to make some changes to your domain name’s DNS records and configure your email service or software to sign your emails with DKIM. This may sound complicated, but there are many tools and guides available online that can help you with the process. You can also consult with your IT team, your email service provider, or your web host for assistance. Once you have set up DMARC and DKIM for your domain, you can enjoy the benefits of improved email security and reputation.

How can Stratum Now help?

Stratum Now provides a Fully Managed Domain Name service, and we’re enabling DKIM and DMARC on our customer domains right now. Whereas other companies charge for ongoing DMARC management, we’re doing it for free and we’re checking in on it regularly to make sure it’s working for you and your business.

Contact us if you’re unsure about the recent changes for DKIM and DMARC and want some help ensuring that you’re setting up your domain name properly.


Leave a comment