Page 43 - Cyber Defense eMagazine - November 2017
P. 43

Here are three tips that can help you properly set DMARC policies:


                   •  First, test with a “none” policy. Mailboxes that support DMARC should still send reports
                       on  messages  that  fail  DKIM  and  SPF  checking.  This  can  help  you  identify  legitimate
                       email sources from your domain that you may have overlooked.

                   •  Make  sure  you  follow  the  correct  syntax  when  configuring  your  DMARC  DNS  record.
                       Dmarc.org has a wide range of tutorials and guides that can help you with this.

                   •  Once  you  have  finished  testing  your  DMARC  record,  change  the  policy  to  “reject”  or
                       “quarantine” to instruct recipient mailboxes on how to handle spoofed messages from
                       your domain.

               Configuration  issues  aren’t  the  only  obstacle  here.  DMARC  also  suffers  somewhat  from  the
               “chicken  or  the  egg”  conundrum.  Some  companies  wonder  why  they  should  invest  precious
               resources  into  testing  and  deploying  DMARC  records  for  their  domain  when  recipient  mail
               servers don’t bother verifying emails against them. It is commendable that DMARC’s adoption
               rate was 60 percent by mailboxes after just one year, but that percentage has only grown by 10
               percent as of 2016 according to a recent report by Return Path. DMARC verification by recipient
               servers must increase as well, in order to help slow the growing epidemic of spam and phishing.

               It is in everyone’s best interest to fully adopt protocol standards like SPF, DKIM and DMARC.
               While  they  may  take  some  effort  to  deploy,  the  benefits  are  more  than  worth  it.  Preventing
               spammers from spoofing your company’s domain can help you avoid costly reputation damage
               and  shield  your  customers  from  annoying,  potentially  malicious  emails.  Enabling  DMARC
               verification  on  your  own  mailboxes  for  incoming  messages  can  also  drastically  reduce  your
               chances of falling for convincing phishing attacks.

               About the Author

                                                Marc  Laliberte  is  an  Information  Security  Threat  Analyst  at
                                                WatchGuard Technologies. Specializing in networking security
                                                protocols and Internet of Things technologies, Marc’s day-to-
                                                day  responsibilities  include  researching  and  reporting  on  the
                                                latest  information  security  threats  and  trends.  He  has
                                                discovered,  analyzed,  responsibly  disclosed  and  reported  on
                                                numerous  security  vulnerabilities  in  a  variety  of  Internet  of
                                                Things  devices  since  joining  the  WatchGuard  team  in
                                                2012. With  speaking  appearances  at  industry  events  and
                                                regular  contributions  to  online  IT,  technology  and  security
                                                publications, Marc is a thought leader who provides insightful
               security guidance to all levels of IT personnel.




                   43    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.
   38   39   40   41   42   43   44   45   46   47   48