{"id":376,"date":"2021-03-15T10:00:34","date_gmt":"2021-03-15T10:00:34","guid":{"rendered":"https:\/\/prodmarc.com\/blog\/?p=376"},"modified":"2022-07-28T06:22:44","modified_gmt":"2022-07-28T06:22:44","slug":"dmarc-email-authentication-techniques-to-filter-out-phishing-emails","status":"publish","type":"post","link":"https:\/\/testblog.prodmarc.com\/index.php\/2021\/03\/15\/dmarc-email-authentication-techniques-to-filter-out-phishing-emails\/","title":{"rendered":"How can DMARC prevent the misuse of your domain?"},"content":{"rendered":"\n\n\n
\"\"<\/figure>\n\n\n\n

The ability to create fake emails has long been used by cybercriminals as a tool for the deployment of spam, phishing attacks, or malware, and has been so since email was invented. DMARC is an easy way to give an email recipient the opportunity to verify an email’s validity with additional security that makes it easier to recognize.<\/p>\n\n\n\n

<\/div>\n\n\n\n

It is understood that cybercriminals copy well-known brands and use the trusted reputation of the brand to send emails to recipients and orchestrate an impostor. The offenders end up giving away confidential data such as credit card pins, passwords or even end up making payments to the impostors.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

What is DMARC?<\/strong><\/h4>\n\n\n\n

DMARC (Domain-based Message Authentication, Reporting & Conformance)<\/strong> is an email protection service that enables the identification and prevention of email spoofing. The aim of DMARC is to wage war on email phishing scams<\/strong>, where the address of the sender has been forged to look as if it came from a legitimate organization.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

How does DMARC protect your domain emails?<\/strong><\/h4>\n\n\n\n

For an organization that sends emails to its customers, DMARC guarantees that valid emails are authenticated and the identity of the sender is checked by the email service provider of the recipients. Fraudulent emails that tend to be originating from domains under the jurisdiction of the company are blocked. In its DMARC policy<\/strong>, the organization can also include domains that do not send emails or even defensively registered domains.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

Inbound emails that fail DMARC authentication<\/strong> do not enter the inbox of the recipient, so phishing emails<\/strong> are filtered out. So, if you get an Income Tax Department email with a “From” address with intimations@cpc.gov.in, did cpc.gov.in really approve the message?<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

DMARC is built on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

SPF-<\/strong> enables domain owners to approve hosts who can use the “MAIL FROM” or “HELLO” identifier with their domain name. A list of hosts that are permitted to use a specific domain name is published as a specially formatted TXT record in the Domain Name System (DNS) records of that domain.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

DKIM<\/strong>– allows a digital signature for a domain owner tag and email message. Email authentication is performed using the public key of the signer, which is published in the DNS. A valid signature ensures that, since the signature was attached, at least some parts of the email have not been changed.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

While SPF and DKIM helped identify fake emails, neither of these protocols included a way to report what and why messages were denied. DMARC addresses this issue by enabling domain owners to tag sent messages to prove validity with certain domain identifiers.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

It provides instructions for receiving email servers on how to deal with messages that fail authentication tests for SPF and DKIM; and also provides a reporting system to convey what activities were taken under the policies.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

Benefits of DMARC<\/strong><\/h4>\n\n\n\n

What separates DMARC from other protocols for email authentication is its reporting feature. You can see who sends emails on behalf of your domain, your brand, with DMARC, and stop spammers from using it to send fake emails.<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n

DMARC’s reporting function means that receivers activated by DMARC can tell you:<\/span><\/p>\n\n\n\n

<\/div>\n\n\n\n