Add Full DMARC Protection to Office 365

DMARC is a free email authentication control that is used alongside SPF and DKIM. When used correctly, it provides an effective security policy to help prevent malicious actors from impersonating your email addresses outside of your email system.

Microsoft have recently announced the ability to set DMARC controls within your anti-phishing policy, allowing the policy to adhere to the various DMARC control levels of report, quarantine or reject.

https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-new-dmarc-policy-handling-defaults-for-enhanced-email/ba-p/3878883?WT.mc_id=M365-MVP-9501

There is a reasonable level of effort required to ensure you are using SPF, DKIM and DMARC controls to the maximum protection level. Every organisation should use these controls to establish a minimum security baseline.

DMARC controls within M365 anti-phishing policy.

Often you will be using various applications, like MailChimp, that send using your email domain. If you set DMARC to reject mode, this may impact applications such as these. Changes can be made to applications such as MailChimp to allow for stricter DMARC settings.

See our other DMARC blog post here.

Our consulting team can help your organisation utilise the controls for SPF, DKIM and DMARC effectively. This will take some time and involve using a third-party DMARC monitoring tool to assess which applications are using your email domain – this is done whilst in DMARC report mode. This step will usually reveal a mix of allowed applications, like Office 365 and MailChimp, and some malicious actor activity.

We have successfully helped many organisations achieve full protection with the SPF, DKIM and DMARC controls. This has involved tightening the SPF records for all email domains, including any parked email domains not in use – as these are often missed, which results in them being used maliciously.

Reach out to discuss how to improve protection for your emails.