Don’t you hate it when email scammers trick you into revealing personal data under the guise of a trusted contact? Exactly. Your email list subscribers hate it too. And the damage becomes more serious when the scam is being perpetrated with your name. That is why you need a DMARC checking tool.
Phishing is a very common form of email fraud and it can lead to long-term negative effects for your business if left unchecked.
Someone getting scammed is bad enough. If they have this horrible experience while looking at your company’s name and trusting that they’re doing the right thing, it is even worse.
They will be disappointed and think to themselves “Nobody is safe online anymore. I thought they would have better security since they claim to be a professional company…”
While you may think that your perceived reputation is immaterial and therefore out of your control, there is also the issue of the very real sender reputation.
Sender reputation is a concrete metric that an Email Service Provider (ESP) takes into account to determine whether your emails are relevant and secure enough for your subscribers to get in their inboxes.
If the scales tilt toward “No”, your messages will wind up directly in the spam folder. In extreme cases, your emails may not even be sent at all. At that point, it won’t matter how well your emails are written if nobody can read them.
Having a reliable track record of being a trustworthy source is a net benefit, but how exactly do you go about achieving it? Moreover, how do you stop a person harboring malicious intent from using your hard-earned track record as a front to deceive people?
We have put this overview together to answer these important questions. Read below to learn about how to implement DMARC and how reading a DMARC report works.
The basics of DMARC
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol created in 20212 to protect email senders from phishing and spam.
This is achieved by adding a header to emails that verify the email sender’s domain name.
It extends two existing email authentication mechanisms, namely SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). You can publish a policy in your DNS records to specify which of the two mechanisms (or both) is used for emails sent from that domain.
This protocol allows senders to specify how to treat emails from their domain, depending on what results are given by the DMARC check. If the checks are cleared, the message will be treated as if it was sent from the domain in the “From: ” header. On the other hand, if the checks fail, the email is rejected.
If that is the case, the sender can also choose a policy for when the messages don’t pass the required checks. This policy will ask the recipient to do one of two things:
- Bounce the message
- Treat it as if it wasn’t sent from the domain specified in the “From: “ header
The DMARC Checking Tool We Love
You can get a DMARC report from Google and many other online tools, but Postmark is our preferred DMARC checking tool.
Postmark is an SMTP (Simple Mail Transfer Protocol) service that we use a lot internally and for many of our clients, for its great deliverability. We send everything through it, from receipts and WordPress membership login emails to ticket emails and anything from our backend systems.
However, the main feature that we use is the DMARC reporting service. With this DMARC checking tool, you simply enter your email address and the domain on which you want to get reports. It generates a DNS entry for the DMARC record that needs to be added to your DNS. Afterward, they start checking your DMARC, sending you a weekly email report. You can see what that looks like in the picture below, on the right side.
It will show you how many emails using the DMARC record were processed. Next to that, you will have the percentage of emails that passed SPF or DKIM and ones that failed one check or the other.
Additionally, you have a list of all IP addresses sending emails from your domain, with their own pass/fail percentages.
Additionally, you can use Postmark to receive feedback concerning how aligned your email sending practices are with the policy assigned to a specific domain. This feedback can help you ensure that your communication via email is in sync with the recipient’s expectations.
This service is free and you can unsubscribe at any time.
In cases where you require more details instead of a weekly digest, Postmark offers a $10/domain/month service called Postmark Digests. Aside from giving you a more detailed history, the data is presented in an easy-to-read manner to better help you leverage it to solve any potential issues.
Assistance Setting Up a DMARC Checking Tool
As mentioned previously, it won’t matter how well your emails are written or how well you can connect with your audience, if your reputation gets tarnished and your emails rejected.
The problem is that not many business owners take the time to set up the first line of defense against the myriad scams that are being run online. They just fly in blind and hope they won’t be targeted.
Instead, we suggest you give DMARC a shot. You can read more about the topic right on this page. It goes into more detail about the various technical aspects, to help you better understand this authentication protocol.
We truly believe that technology is one of the most important tools we can use to scale our businesses. On the other hand, we are fully aware not everyone is as knowledgeable in this area, so we are always eager to lend a helping hand in using a DMARC checking tool!
Simply contact us right here and we will schedule a call to talk all about how you can protect your brand online, all the while increasing your sender reputation!