Sign in
  • Home
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Support
Request phishing analysis
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Get started for free
  • Support
  • Sign in
Check to see if you’re protected
☰
Check to see if you’re protected
Share this article
Related posts
  • Blog
    Research: Only 22 of the top 100 retailers are protected by DMARC
  • Blog
    DMARC authentication gets you the deliverability you deserve
  • Blog
    How vulnerable are U.S. election operations to email spoofing?
Valimail blog

Momentum Builds for DMARC in the U.S. and U.K

Author: Valimail
lego characters holding uk and us flags

The movement to implement email authentication is gathering steam, and international cyber security experts are increasingly pointing to DMARC as a crucial key.

Now, government agencies in the U.S. and the U.K. are adding their voices to the chorus.

Here’s a sampling of recent recommendations:

  • “If everyone used [DMARC], actually the spam problem would not only be significantly reduced, it’d probably almost go away,” said Paul Edmunds, Head of Technology at the U.K.’s National Crime Agency (NCA) National CyberCrime Unit, at the London Cloud Security Expo earlier this month. And he wasn’t just referring to spam–he was also talking about DMARC’s ability to stop same-domain phishing attacks and thereby cut down on emailed malware and business email compromise attacks.
  • “You can stop those spoofed email attacks with DMARC,” Phil Reitinger, president and CEO of the Global Cyber Alliance, told Dark Reading this week. The GCA is an international organization founded by the New York County District Attorney and the City of London Police, among others.
  • The U.K.’s new National Cyber Security Centre (NCSC) issued a mandate in October that government agencies implement DMARC, and it will soon start publishing a dashboard showing how well they are complying–or aren’t. “In six months the dashboard goes public as an incentive for government departments to take action or face being named and shamed,” said Ian Levy, technical director of the NCSC, in October. (Note: Levy was on a panel of email experts that ValiMail CEO Alexander García-Tobar moderated in Paris in October. Other participants included leading European ISPs, who also declared their support for DMARC then.)
  • Later that month, Levy told people at a Sydney security conference, “If anybody in this room, as a cybersecurity professional, has an email domain and doesn’t have DMARC, you should be ashamed of yourselves,” Levy said.
  • And in early March, the U.S. government’s Federal Trade Commission added its own recommendation for DMARC as a way of preventing email scams. “By using DMARC to instruct receiving ISPs to reject unauthenticated messages, online businesses could further combat phishing by keeping these scam emails from showing up in consumers’ inboxes.”
  • These agencies and organizations are recognizing what major email senders have been advocating for several years now: DMARC works to cut down on phishing and spam, and it provides unprecedented visibility and accountability to email. That’s why virtually every major email service provider, including  Gmail, AOL Mail, Microsoft Hotmail and Live.com mail, Yahoo Mail, and more — representing more than 2.7 billion mailboxes in all —support email authentication and will check the DMARC records for incoming email. DMARC is also supported by email gateways from many companies including Proofpoint, Cisco, and Symantec, as well as Microsoft’s Exchange server.

And while DMARC is still optional, the time is coming when publishing and enforcing a DMARC policy will be essential to ensuring deliverability of your mail. Already, providers like Gmail are putting a question mark next to incoming messages that don’t have authentication. Some also factor in the presence or absence of email authentication when deciding whether to flag messages as spam. We expect this trend to continue, with more providers taking a stronger and stronger stand in favor of DMARC, improving deliverability for senders who use it and downgrading deliverability even further for those who don’t.

Unfortunately, as the FTC acknowledged and ValiMail’s own research confirms, most organizations aren’t doing such a great job at implementing DMARC correctly. ValiMail has found that roughly 70 percent of companies that attempt DMARC don’t complete the process, either leaving it in non-enforcement mode (p=none) or else implementing it incorrectly. That average applies regardless of company size, so the big enterprises don’t necessarily have an advantage over much smaller organizations.

That’s where ValiMail’s Email Authentication as a Service comes in. We provide a turnkey service that allows you to set up email authentication in a fraction of the time it would take to do it manually. Our service provides instant, one-click management so it’s trivially easy to add or remove whitelisted senders. And we provide detailed reports that are far easier to parse than the unformatted DMARC logs generated by mail gateways.

Is your domain protected by DMARC? Use our domain checker to find out, and contact us to learn more about our service.

Back to blog
Published March 30, 2017
  • Cybersecurity
  • DMARC
  • Email
  • Email Authentication
Author: Valimail
Valimail is the global leader in zero-trust email security. The company’s full line of cloud-native solutions authenticate sender identity to stop phishing, protect brands, and ensure compliance; they are used by organizations ranging from neighborhood shops to some of the world's largest organizations, including Uber, Splunk, Yelp, Fannie Mae, Mercedes Benz USA, and the U.S. Federal Aviation Administration. Valimail is the fastest growing DMARC solution, with the most domains at DMARC enforcement, and is the premier DMARC partner for Microsoft 365 environments. For more information visit www.valimail.com.
Resources
Top retailers remain vulnerable to email brand spoofing
Learn more
Email security with Microsoft and Valimail
Learn more
Election email security
Learn more
Email fraud landscape, Summer 2020
Learn more
Preparing for BIMI: A Marketer’s Guide
Learn more
Latest news
Trump’s refusal to concede the election is creating an opening for cy...
Learn more
2020 General Election Results to Directly Impact Tech Industry
Learn more
Why Email Is Still an Election Day Disinformation Risk
Learn more
US elections are still vulnerable to email spoofing
Learn more
Security Gaps Persist, Report Warns, After U.S. Blames Iran In Election Sch...
Learn more
Press releases
Valimail Triples Customer Base, Becomes Top Global DMARC Provider in 2020
Learn more
Valimail: 2020 election infrastructure still vulnerable to email hackers
Learn more
Valimail Announces Selection by ASG for Anti-Phishing and BEC Protection
Learn more
Valimail DMARC Monitor and Valimail Enforce Now Available in the Microsoft ...
Learn more
Valimail Research Finds More Than 1 Million Domains Using Crucial Email Aut...
Learn more
Follow us
Contact us

P: 888.354.6179
E: info@valimail.com

Headquarters

180 Montgomery Street
20th Floor
San Francisco, CA 94104

Valimail Mountain Office

1550 Larimer Street
Suite 271
Denver, CO 80202

Request a full phishing analysis
© Valimail
  • Terms of use
  • Privacy Policy
  • Website terms of use
  • Do not sell my personal information
  • Phishing Analysis
  • Domain Checker
  • Products
  • Enforce
  • DMARC Monitor
  • Instant SPF
  • Amplify
  • Solutions
  • Anti-phishing
  • Brand protection
  • Compliance
  • Government
  • Marketing
  • Microsoft
  • Shadow IT
  • About
  • News + awards
  • Partners
  • Team
  • Careers
  • Industry leadership
  • Customer support
  • Learn
  • Resources
  • Blog
  • Customers
Subscribe to our newsletter

Get exclusive content on improving email security and deliverability from the experts at Valimail.

  • *
    I understand that I may proactively manage my preferences, or opt-out of Valimail communications at any time using the unsubscribe link provided in Valimail email communication. I confirm that I am over the age of 16. The information that you provide will be used in accordance with the terms of our Privacy Policy.
  • This field is for validation purposes and should be left unchanged.