Overview
The Problem
Email is the #1 way attackers target citizens and government employees.
Why it Works
Email lacks built-in authentication:
Attackers can easily spoof or impersonate anyone in your organisation using free tools
Attackers need to be right just once:
With billions of emails hitting government inboxes, odds are in the attacker's favor
Email gateways can't solve the problem:
Attackers rely on social engineering tactics and identity deception, not malicious content or URLs that traditional tools were built to detect
The Solution
DMARC functions like an ‘identity check’ for your agency. It prevents spammers and criminals from hijacking your valid organisation domain names and brand for email.
What is DMARC?
DMARC (Domain-based Message Authentication Reporting & Conformance) is an open email authentication protocol, established in 2012 by organisations including Google, Microsoft, Agari, PayPal, and others to protect the email channel. DMARC is the best way for email senders and receivers to determine whether or not a given message is legitimately from the sender, and what to do if it isn’t.
Benefits of Deploying DMARC for Your Agency
Stop email phishing attacks using your agency’s reputation
Reduce account takeover risk
Increase email deliverability
Gain visibility into cyberattack risk
The Public Sector Perspective
The NCSC’s tool, Mail Check, helps organisations assess their email security compliance. Mail Check has an enforcement rate of 60% (the percentage of domains protected by a DMARC policy of Reject), but when using solutions lacking in visibility we often find domains pushed to Reject prematurely, potentially causing more harm than good by blocking legitimate business-critical mail. [1]
[1] NCSC Annual Review 2023, p. 9: https://www.ncsc.gov.uk/collection/annual-review-2023/resilience
DMARC Enforcement Policies
What is a DMARC Enforcement Policy?
When you set a DMARC policy for your agency, you, as an email sender, are indicating that your messages are protected.
The policy tells a receiver what to do if one of the authentication methods in DMARC passes or fails.
How it Works
When emails are received by the mailbox provider, the receiver checks if DMARC has been activated for your domain.
What Does a DMARC Policy Look Like?
Here’s a typical policy in DNS. Note that this domain is configured with a policy of “reject”.
DMARC record for agari.com:
Steps to DMARC Implementation
How Do I Get Visibility and Reporting from DMARC?
Once your DMARC policy is implemented, you will start to receive thousands of reports every day, depending upon the number of emails your organization sends. Because it’s difficult to process the reports manually, you can work with a commercial vendor to display and process the data. Commercial software such as Agari DMARC Protection can help with DMARC policy creation and hosting, third-party sender identification and alignment, and ongoing visibility as you progress through your DMARC implementation. In fact, Fortra’s Agari DMARC Protection ensures companies reach Reject confidently and securely, boasting an enforcement rate of 78%.
See how Agari DMARC Protection automates DMARC email authentication and enforcement for government agencies to prevent costly phishing attacks.