‘Poorly Configured DMARC Detected'

Hi, Hope someone can respond? My results from Threatview have come back saying:
‘Poorly Configured DMARC Detected - DMARC policy is not configured to quarantine or reject emails which fail validation’
What is DMARC? And how do I configure it to be secure?

DMARC stands for Domain-based Message Authentication, Reporting & Conformance, it’s an email authentication protocol, it helps to protect your domain from unauthorised use, for example from email spoofing.

Thanks for responding, but what’s email spoofing?

So the domain is the portion of the email address that comes after @, threat actors/spammers can try to send emails from a domain they are not authorised to use, they do this to try to trick users in some way, this is email spoofing.

Email spoofing and phishing attacks try to disguise themselves as as an account belonging to your site. Here’s an example of how they would do it:

‘Imagine a spammer sends an email from the address “trustworthy@example.com,” despite the fact that they are not authorized to send email from the “example.com” domain. The spammer would do this by replacing the “From” header in the email with “trustworthy@example.com” — they would not send an email from the actual example.com email server.’

DMARC is essential to protecting your site from spoofing. A strong policy would be configured to place all unauthorised emails into a quarantine, you can even set it up to send reports back to a valid address for monitoring, by monitoring spoofed emails, you can detect hackers as soon as possible.

1 Like

Oh right. Okay it’s good to be made aware or these things. Thanks both for responding – do either of you know how I could configure it to be a strong policy? Is it something I can do?

1 Like

This is a good site to use : DMARC Generator - DMARC Advisor
That should be able to walk you through it, best of luck.

3 Likes

Ah thanks and thanks for your advice and explanations.