December 19, 2017
“Reject” phishing in 2018: A look inside the new 250ok DMARC.
In 2016, the Internal Revenue Service (IRS) reported a 400% increase in phishing attacks by cyber criminals attempting to impersonate the agency.
In October 2017, the Department of Homeland Security issued a directive that all federal agencies must implement a DMARC policy (p=none) within 90 days and reject policy (p=reject) within one year. Meanwhile, we were already seeing a steady uptick in interest from universities, state governments, and foreign agencies alike.
It’s clear: 2018 is going to be a big year for DMARC adoption.
It’s been nearly two years since we initially launched 250ok DMARC. In those two years, our software and services helped companies from a variety of industry, from Fortune 500 to small business, successfully deploy a DMARC policy and achieve a reject policy.
It’s this expertise that shaped the new 250ok DMARC experience. The way we see it: if the largest senders in the world can do it, you can too. And as we’ve always said, “DMARC can be complicated, but your deployment and reporting software doesn’t have to be.”
Spare yourself from the sensationalized security pitches. Put that confusing DMARC interface on the backburner. Save yourself tens of thousands of dollars. Why? Because you deserve better.
Here’s how you can manage DMARC successfully with the right tools for the job:
Know who is sending what, from where, and when.
One of the most difficult aspects of DMARC is tracking who is sending non-compliant or unauthorized mail. But not anymore. With 250ok DMARC, you’ll know the type of mail source (ESP, ISP, webmail providers, etc.) in addition to who owns the mail stream.
This is what we refer to as “mail source classification,” and it is often the missing layer of visibility you need to understand who is sending what, and from where. It’s single-handedly the easiest way to identify problematic senders and authentication issues.
As 250ok continues to analyze billions of messages from our proprietary spam trap network (the backbone of 250ok Reputation) and DMARC reports, the classification engine will continue to grow, and you get the added benefit of a holistic platform that enhances DMARC by reaching far beyond it.
Identify authentication problems at the source.
We’ve introduced several new trend charts, including SPF Problems and DKIM Problems, that summarize your authentication results to understand what is failing. We’ve seen many cases where a simple configuration error can lead to undesirable authentication results, but the key for us was making this information easy for you to find. The sooner your authentication is cleaned up, the sooner you move towards a reject policy.
Find what you’re looking for, with speed and clarity.
You can only solve problems as fast as you can find them. We’ve added all of the lightning-fast filtering that customers love about our other products, with a few additional enhancements. Whether you’re sending one message or one billion, we’re not sweating it. I mean really, we’re not sweating it. One of our customers, a top social network, routinely analyzes more than four billion data points in less than one second.
Additionally, we’ve added the ability to investigate unknown or suspicious IP addresses. You can click any IP address from your DMARC dashboard and see WHOIS information (who owns it, where it’s located) and its messages we’re collecting on our spam trap network.
Understanding your mail sources, whether they’re sending legitimate or malicious email, is critical to successful DMARC deployment. With this new level of visibility, you can pretty easily distinguish between internal, third-party vendors, and external mail sources to measure the impact of moving towards a reject policy so you can plan accordingly.
Monitor 24/7 with custom alerts.
The 250ok Alert Center can be tailored to alert you about anything imaginable. Monitor for DMARC or SPF record changes, drops in DMARC compliance domains, you name it. And since not all alerts are created equal, you can choose between email, SMS, Slack, HipChat, or PagerDuty. We’ll make sure you receive the right alerts at the right time.
Monitor DMARC health holistically across your entire email program.
We’ve always supported unlimited policy domains and unlimited volume, but we wanted to improve the experience for customers managing multiple domains. The redesigned dashboard offers a rolled-up view of DMARC performance across your entire email program with the ability to drill down by a specific policy domain.
Getting excited yet? You should be.
We first launched our DMARC tool because the data was readily available, good for the email ecosystem, and it’s a critical part of sending email at scale. We couldn’t be more excited to launch a DMARC redesign based on our direct experience in the weeds taking customers from “p=none” to “p=reject.”
The new and improved 250ok DMARC will be rolling out to select beta customers over the next couple of weeks. If you’d like to participate in our beta testing program, we’d love your feedback.
You may also like...
I recently gave a presentation on global privacy regulations to a post-graduate marketing class and one of the things I noticed while preparing was that even within a single country, privacy is complicated. On a global scale, it is really complicated. For example, Canada has one federal private sector privacy law, three similar provincial laws, […]
*Update: This article was featured on email influencer Jordie van Rijn’s emailmonday blog! To see it in action, plus a great round-up of other articles and thought leadership looking forward to the future of email, click here.* The Black Friday emails are deleted, marketers’ email lists are checked twice, we pretty much know which senders […]
We partnered with the smart folks at Lab42 to research what people really think about marketing email. Do they like how they look on their preferred device? Do they prioritize the same design elements you do? If you’re not aligned with your recipients, you could end up sending unwanted, unsatisfying email. You know what that […]