Solutions: Government

Stop unauthorized and malicious use of your government domain with email authentication

American Flag

Valimail provides the most efficient and effective way to protect government domains from fraudulent use with the only DMARC cloud solution to achieve FedRAMP authorization for government use.

  • Worldwide visibility of inbound and outbound phishing attacks using your domain
  • Automated and secure management of key standards (SPF, DKIM, and DMARC) with zero PII
  • Centralized management of DMARC reports and one-click sender authorization
Learn more
Valimail_Imposter_Email_Government (1)

Why email authentication for your government domain?

Email authentication with DMARC has been mandated by DHS to protect U.S. Government agencies (BOD 18-01). When implemented correctly, it provides total visibility of all email senders using your domain as well as 100% protection against hackers spoofing/phishing your domain.

Without DMARC email authentication, your agency is open to spoofing and phishing attacks.

Gov Logos Vertical (1)

Why Valimail?

Valimail provides visibility and protects a range of government customers.

  • Average time to full DMARC protection for government domains is less than 1 month (compared to 12+ months to do it manually)
  • FedRAMP-Authorized and SOC2 Type2 Compliant
  • Immediate recognition and classification of thousands of legitimate sending services
Learn more
We have invested in secure email gateways, malware detection appliances, anti-virus software, etc. to protect our enterprise from malicious email. Why do we need DMARC?

DMARC enforcement is unique in its ability to stop 100% of all malicious email being sent from a protected domain, regardless of who and where the sender is, or to whom the email is being sent. No other technology or security standard provides this level of protection.

Can't our IT staff implement DMARC on their own?

Given enough time, money, and resources, they probably can. However, most in-house DMARC implementation projects take over 12 months and are tedious, complex, time-consuming, and expensive. And the risk of mistakes is high, which can cause disruption to important email services and even blocking of good email. Valimail’s secure purpose-built cloud service and expert staff can implement and maintain DMARC enforcement in a fast and cost-effective way.

We use Google/Microsoft to run our mail services. Can they implement DMARC for us?

Google, Microsoft, and all U.S.-based email service providers support DMARC by running authentication checks when receiving email. However, it is up to the owner of the sending domain to publish the correct DMARC policies in DNS. Without setting those policies, email receivers will not be able to authenticate email or block spoofed messages that appear to come from that domain.

What is DHS BOD 18-01 and why does it matter?

Binding Operational Directive (BOD) 18-01, issued by DHS, mandated all federal agencies implement DMARC enforcement within 12 months. BOD 18-01 validated DMARC as the only way to protect agencies, citizens, allies, and businesses from malicious emails appearing to originate from federal .gov domains.

What government contract vehicles are you on?

Valimail’s FedRAMP service is available on GSA Schedule 70, NASA SEWP V contract, NASPO ValuePoint Cloud Services Contract, and other agency-specific contract vehicles. Valimail has numerous government reseller partners that qualify under SBA’s small disadvantaged business criteria (HUB zone, SDVOSB, Woman-owned, 8a, Native American Indian, etc.)

Contact us

P: 888.354.6179


1942 Broadway St., Ste. 314C
Boulder, CO 80302