ValiMail Pro™ puts you back in charge of your company’s email, giving you visibility into services and senders that are currently using your domain names and the control to define which are authorized. The result is that recipients of email from your company’s domains can trust that the email is actually coming from you – be they employees, partners, or customers.
Cloud-based Email Services Abound
In recent years, the number of services used by companies to send email has exploded, with different teams across each organization using various tools and services such as Marketo, Salesforce, MailChimp, or Zendesk – and mostly with no enforced process controlling who can start using a service to send email in the company’s name.
With the rise of Shadow IT, many organizations lack a centralized understanding of what services are in use and which teams are using them. Without this clear understanding, correctly setting up email authentication is impossible.
Fortunately messaging and infrastructure teams have a solution in the DMARC standard. DMARC (Domain-based Message Authentication, Reporting & Conformance) is an industry standard that enables domain name owners to declare in DNS exactly which senders are authorized to email on their behalf.
DMARC builds on previous SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) standards to create visibility, full control, and enforcement over email sending. Using DMARC you can identify everyone attempting to send mail using your domain names – whether or not they’re part of your company – and choose which are authorized to send while blocking those who are not.
Unfortunately DMARC, SPF, and DKIM are all difficult to implement, requiring changes to DNS and highly specific technical knowledge. Time consuming, error prone, and in need on continuous monitoring and updating, these protocols pose serious challenges to implement effectively over the long term.
- The SPF ten lookup limit is very difficult for today’s environment and its heavy use of cloud services
- Using SPF flattening in response to the ten lookup limit carries huge risk for error and requires constant maintenance
- Editing text-based DNS records must follow very specific syntax or records will not parse correctly
- DKIM keys need to be strong enough and rotated regularly
- DMARC reports are long and difficult to read, often reducing their communicative value to nearly nothing
Getting these records wrong can have disastrous effects. You might fail to block phishing and other rogue email activity. Or you might accidentally hurt deliverability for your own, legitimate email.
How ValiMail Works
Only ValiMail Pro automates and manages email authentication and DMARC enforcement on your behalf, providing one-click control over who’s allowed to send email from your domain and protecting you against phishing attacks.
With ValiMail, you can:
- Gain full visibility into the services and senders using your domains to send email, both legitimate and phishing
- Control which services are allowed to send on your behalf
- Create and maintain correct email authentication records in DNS with the click of a button, without having to directly edit your DNS
- Get around SPF’s ten lookup limit using ValiMail’s Targeted SPF™, adding as many sending services as you like without ever exceeding the limit
- Avoid SPF flattening, with its error-prone and fragile nature, in favor of a robust and flexible macro-based service
- Ensure DKIM keys are cryptographically secure
- Never worry about private information because the ValiMail service doesn’t see the content of your emails
What services – legitimate or criminal – are sending email from your domain, and are those messages authenticating? Request a complementary domain assessment to find out.