If you send emails externally, and especially if you send them in bulk to important people (stakeholders, customers, the media) then you need to know about DMARC. If your company does not have a DMARC policy in place, then increasingly, your beautifully crafted messages will be binned before anyone sets eyes on them. Sorry about that.
What is DMARC?
Domain-based Message Authentication, Reporting and Conformance
What the hell does that mean?
It's a set of instructions maintained by your company which helps other organisations identify which emails actually come from your organisation and what to do with imposters
Why's it important?
Because it's becoming the norm and if you don't have a policy pretty soon you'll see your emails getting binned
Isn't this an IT thing?
Yes it is, but if you as a communicator use systems which send emails on your behalf, such as Mailchimp, PRgloo, Vuelio etc, then you need know about it
Demystifying DMARC
Put simply, DMARC allows companies to prove that emails they send (or someone sends on their behalf), actually come from them (or come from someone else, but with their blessing). It also provides an instruction manual telling other systems what to do with fraudulent emails.
DMARC kills what we call ‘phishing’ or ‘spoofing’. This is when someone sends an email pretending to be from, say, eBay asking you to confirm your account details so they can then steal all your money and it’s why you will have noticed a massive decline in these types of emails in your inbox. This is obviously a very good thing.
But it’s not only good in a “let’s make the internet a better place” kind of way. DMARC also has more tangible and immediate benefits. For example, it can increase the deliverability rate of your emails as destination systems see that they’re all marked with the gold standard of legitimacy. Basically, the firewalls (who are all frantically engaged in detective work to see if each of the millions of emails they deal with are good, bad, or ugly) all breathe a sigh of relief when they see your email coming and say:
“Ahh. DMARC? So good to see you. Go send your messages to whoever you want within our company and all the best to you”. Which is nice!
DMARC is a very, very, very good thing and it helps all of us.
Why should I care?
If you send to journalists and stakeholders via Outlook or similar, then you should ask your IT team if they have a DMARC policy. Ideally, they will reply that they do and you can carry on with your day.
If your company has a DMARC policy, and you use other tools to send emails on your behalf (such as Mailchimp, PRgloo, Vuelio etc) you need to be sure that these third parties can provide you with the relevant information to add to your DMARC policy so that emails which come via them from you, are seen as having your blessing.
If the above happens, then you will have the gold standard of email deliverability: a sure-fire way of proving that your emails are legitimate and not from some annoyingly bright underage hacker who’s after your money, personal data, pant size etc.
What Should I Do Next?
Speak to the organisations you use and tell them you have a DMARC policy. They'll know what to do from here. At PRgloo we are proactively contacting everyone of our customers to provide this information so that they are properly armed with the information they need.
Want to know more about the ins and outs of DMARC? Read on..