Email is a medium of communication that has connected billions of people worldwide. First used in the 1960s, email is being used by approximately 3.8 billion people on the planet. By the year 2018, email traffic grew by 3.2% and the number of emails being sent and received per day reached 333.2 billion. The average number of email accounts per user ratio was around 1.75 accounts per user in the year 2018, and by the year 2022, email accounts per user ratio will reach 1.86 accounts per user. It has been estimated that by the year 2022, the number of email users will reach 4.2 billion which is approximately half the world population.
These statistics are enough to spike the curiosity of cyber-attackers. According to a report, 92% of the malware is delivered through email. The number of Ransomware attacks has increased by 350%. Business email compromise attacks alone have cost $12.5 billion. Globally cyber-attacks have cost $600 billion to organizations.
A report claims that 61% of the small scale has gone out of business as an aftermath of cyber-attacks. Small or mid-sized business is usually hit with approximately 4000 cyber-attacks per day. The most popular medium of cyber-attacks is, without a doubt, emails. Through emails, most of the cyber-attacks like Phishing, Ransomware, Fileless attacks, etc. are deployed. This makes the security of
One of the most effective measures to secure the email domain against cyber-attacks is by setting appropriate DMARC policies.
Why Do We Need DMARC Policies?
Domain-based Message Authentication, Reporting, and Conformance is a critical approach to ensure the integrity of incoming emails from a given domain. However, this email security standard is not turned on by default for every domain, at every email server or web host. Organizations and email administrators require the appropriate configuration and setting of DMARC policies.
What Are The DMARC Policies?
A DMARC policy allows the receiving email host to treat emails sent from your domain based on the criteria that you have set. This mechanism provides visibility into reports on what is being sent from your domain and how these emails are being treated by the receiving hosts. In order to create your DMARC policy, first, an SPF record policy must be created, following that a DKIM policy must be created. At last, create a DMARC record policy. The different parts of the policy are as defined:
dmarc: identifies TXT record as a DMARC policy.
- v=DMARC1: indicates the version of DMARC in used.
- P: quarantine is the set of policy action.
- none: Reporting only/ Do nothing
- quarantine: Treat the mail as per the set policy.
- reject: Refuse email that fails DKIM and SPF.
- rua: identifies the destination of the aggregate reports.
- pct=100: specifies how much traffic will be subjected to policy validation.
Three different kinds of DMARC policies can be set in the DMARC record. This includes ‘none’, ‘quarantine’ or ‘reject’.
- p=none: This policy is referred to as monitoring where the mailbox provider would not take any actions on your emails if it fails DMARC. The email will be sent to the inbox. The policy helps in knowing about the source of the email that is not get Signed or the email that appears to be Spoofed. Once you find the reports containing only valid spoofed emails, you can change the policy to Quarantine.
- p=quarantine: In this policy, all the emails that fail DMARC will be treated by mailbox providers as suspicious. You can monitor emails in Quarantine and either approve or reject emails. The maximum time period for acting on these emails is 24 hours.
- p=reject: By setting the policy to ‘reject’, mailbox providers will reject all those emails that fail DMARC. These emails will bounce back and will not end up in the recipient’s inbox. For domains that never send emails, a ‘reject’ policy helps in preventing domain abuse.
DMARC record contains these policies. With the help of DMARC record generator and analyzing tools like KDMARC, policies appropriate for your domain can be set. This not only enhances the deliverability of your email domain but also, prevents your email domain against email spoofing.