Email marketing is one of the most successful channels of customer engagement and ROI. It is used by marketers across the globe to send millions of emails daily under the umbrella of promotional, transactional and Newsletter campaigns. Therefore, it sees a lot of bad actors trying to bombard users with emails by using domain addresses illegally. These bad actors practice what is commonly known as ‘phishing’, where they send users emails from brand domain names from their servers to extract personal information from the users.
To reduce phishing we at Octane have started practicing DMARC i.e. Domain-based Message Authentication, Report and Conformance that makes it impossible that a user will see a fake/fraudulent email from a brand’s domain name. DMARC is a relatively new security protocol (just 2 years old) created by a group of organizations to help reduce the potential email-based abuse. It has already been applied by major ISPs like AOL, Gmail, Hotmail and Yahoo Mail.
With the help of authentication protocols SPF and DKIM, emails from secure servers, DMARC can only reach a user’s inbox.
How will DMARC help you?
- You receive feedback on every mail that didn’t pass the DMARC test and hence you can improve on your email visibility.
- It stops emails form unrecognised servers to reach the inbox of the end user.
- Establish a policy for email hygiene with the ISPs (Yahoo, AOL etc.).
- A good DMARC policy improves trust in your email marketing efforts and over a period of time it increases brand reputation.
What should be the first step towards DMARC?
Has your ESP mentioned SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mails) authentication with you? Legitimate email marketers have to ensure that their email campaigns are authenticated via SPF and DKIM, in order to prevent any deliverability challenges with ISPs.
Now Update your DNS:
When you have checked that SPF and DKIM both are working, put your DMARC details on your DNS (Domain Name System). This will block external senders to use your domain to send fake emails.
Modify your DMARC flag:
After publishing your DMARC policies on your DNS; internally check three specific flags of DMARC on your server and chose the setting that fits you best.
DMARC has specified 3 flags: Quarantine, Reject and None.
- If you set your DMARC setting as ‘none’, anyone is allowed to send emails using your domain from any server and you won’t know about it.
- If you set your settings to ‘quarantine’ you will start getting notification about who is sending emails using your domain but not your server.
- If you set it to ‘reject’, no one would able to send emails via your domain other than you own servers. Their mails will bounce.
DMARC and Octane:
At Octane.in we believe in practicing and following all policies that help in creating a better email ecosystem, in this case the DMARC policy. We support DMARC on our platform and before our client’s on-boarding, we get the SPF and DKIM for their domain done for better deliverability. Additionally, we have successfully implemented DMARC on our domain as well.
If you are seeking help to understand and apply DMARC for your email services, please email us at firstname.lastname@example.org. We will be happy to help!
For any queries and details please feel free to drop us an email at email@example.com.
If you’re interested in a more technical explanation, you’ll find it here.