Tuesday 29 Jan 2019
If you send emails externally, and especially if you send them in bulk to important people (stakeholders, customers, the media) then you need to know about DMARC. If your company does not have a DMARC policy in place, then increasingly, your beautifully crafted messages will be binned before anyone sets eyes on them. Sorry about that.
Domain-based Message Authentication, Reporting and Conformance
It's a set of instructions maintained by your company which helps other organisations identify which emails actually come from your organisation and what to do with imposters
Because it's becoming the norm and if you don't have a policy pretty soon you'll see your emails getting binned
Yes it is, but if you as a communicator use systems which send emails on your behalf, such as Mailchimp, PRgloo, Vuelio etc, then you need know about it
Put simply, DMARC allows companies to prove that emails they send (or someone sends on their behalf), actually come from them (or come from someone else, but with their blessing). It also provides an instruction manual telling other systems what to do with fraudulent emails.
DMARC kills what we call ‘phishing’ or ‘spoofing’. This is when someone sends an email pretending to be from, say, eBay asking you to confirm your account details so they can then steal all your money and it’s why you will have noticed a massive decline in these types of emails in your inbox. This is obviously a very good thing.
But it’s not only good in a “let’s make the internet a better place” kind of way. DMARC also has more tangible and immediate benefits. For example, it can increase the deliverability rate of your emails as destination systems see that they’re all marked with the gold standard of legitimacy. Basically, the firewalls (who are all frantically engaged in detective work to see if each of the millions of emails they deal with are good, bad, or ugly) all breathe a sigh of relief when they see your email coming and say:
“Ahh. DMARC? So good to see you. Go send your messages to whoever you want within our company and all the best to you”. Which is nice!
DMARC is a very, very, very good thing and it helps all of us.
If you send to journalists and stakeholders via Outlook or similar, then you should ask your IT team if they have a DMARC policy. Ideally, they will reply that they do and you can carry on with your day.
If your company has a DMARC policy, and you use other tools to send emails on your behalf (such as Mailchimp, PRgloo, Vuelio etc) you need to be sure that these third parties can provide you with the relevant information to add to your DMARC policy so that emails which come via them from you, are seen as having your blessing.
If the above happens, then you will have the gold standard of email deliverability: a sure-fire way of proving that your emails are legitimate and not from some annoyingly bright underage hacker who’s after your money, personal data, pant size etc.
Speak to the organisations you use and tell them you have a DMARC policy. They'll know what to do from here. At PRgloo we are proactively contacting everyone of our customers to provide this information so that they are properly armed with the information they need.