DMARC is a free email authentication control that is used alongside SPF and DKIM. When used correctly, it provides an effective security policy that helps prevent malicious actors from impersonating your email addresses outside of your email system. Cyber threats against email systems are increasing, and every organization needs to keep improving its defenses against these attacks. The highest level of protection provided by DMARC may not be easy to attain, but it does offer significant protection.
DMARC Controls
Microsoft have recently announced the ability to set DMARC controls within your anti-phishing policy, allowing the policy to adhere to the various DMARC control levels of report, quarantine or reject.
There is a reasonable level of effort required to ensure you are using SPF, DKIM and DMARC controls to the maximum protection level. Every organisation should use these controls to establish a minimum security baseline.
Often you will be using various applications like MailChimp that send using your email domain. If you enforce DMARC with reject mode then this may impact applications such as these. Changes can be made to applications such as MailChimp to allow for stricter DMARC settings.
See our other DMARC blog post here.
DMARC Consulting Expert
Our consulting team can help your organization use the SPF, DKIM and DMARC controls effectively. This takes some time and involves using a third-party DMARC monitoring tool to assess which applications are sending email as your domain. The assessment is done while the domain is in DMARC report mode. This step will usually reveal a mix of allowed applications, like Office 365 and MailChimp, and some malicious actor activity.
Further advice on DMARC and capturing useful DMARC information is provided in this great article found on the emailsecurityexperts.com website.
We have successfully helped many organizations achieve full protection with the SPF, DKIM and DMARC controls. This has involved tightening the SPF record for all email domains, including any parked email domains not in use, as these are often missed, which results in them being used maliciously.
Reach out to discuss how to improve protection for your emails.