---
title: "Real-world Case Studies of Brands Successfully Implementing DMARC, DKIM, and SPF | DMARC Report"
description: "Email security is the chief concern of businesses and organizations worldwide."
image: "https://dmarcreport.com/og/blog/real-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf.png"
canonical: "https://dmarcreport.com/blog/real-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf/"
---

Quick Answer

real-world

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Freal-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Real-world%20Case%20Studies%20of%20Brands%20Successfully%20Implementing%20DMARC%2C%20DKIM%2C%20and%20SPF&url=undefined%2Fblog%2Freal-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Freal-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Freal-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf%2F&title=Real-world%20Case%20Studies%20of%20Brands%20Successfully%20Implementing%20DMARC%2C%20DKIM%2C%20and%20SPF "Share on Reddit") [ ](mailto:?subject=Real-world%20Case%20Studies%20of%20Brands%20Successfully%20Implementing%20DMARC%2C%20DKIM%2C%20and%20SPF&body=Check out this article: undefined%2Fblog%2Freal-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf%2F "Share via Email") 

![Real-world Case Studies of Brands Successfully Implementing DMARC, DKIM, and SPF](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) 

## Try Our Free DMARC Checker

Validate your DMARC policy, check alignment settings, and verify reporting configuration.

[ Check DMARC Record → ](/tools/dmarc-checker/) 

Email security is the \*\*chief concern of businesses and organizations worldwide. This article sheds light on the growing need for email security and \*\*email deliverability and shares real-world case studies of brands that have successfully implemented DMARC, DKIM, and SPF and why other businesses need to follow suit.

> The most common mistake we see during DMARC setup is jumping straight to p=reject without monitoring first, says Vasile Diaconu, Operations Lead at DuoCircle. Start at p=none, analyze your reports for at least a full quarter - you need to catch monthly, quarterly, and annual email senders that only fire periodically. Then fix any legitimate senders that fail before enforcing. We walk every customer through this sequence.

DMARC ([RFC 7489](https://datatracker.ietf.org/doc/html/rfc7489)) ties SPF and DKIM together by requiring alignment between the envelope sender and the visible `From` header. According to Google’s February 2024 bulk sender requirements, a DMARC policy of at least `p=none` is now mandatory for any domain sending 5,000+ messages per day to Gmail users.[Email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) is becoming increasingly important as cyber threats continue to evolve, and businesses need to take steps to protect themselves and their customers from these threats. The best way to achieve this is by **implementing DMARC**, DKIM, and SPF. In this article, we will explore real-world case studies of brands that have \*\*successfully implemented DMARC, DKIM, and SPF to improve their email security and protect their customers from fraud.

![Gmail dmarc](https://media.mailhop.org/dmarcreport/images/2023/02/gmail-dmarc-7668.jpg) 

## Real-world Case Studies of Brands Successfully Implementing DMARC, DKIM, and SPF

### \*\*1\. PayPal One of the most successful implementations of DMARC, along with DKIM and SPF, was from PayPal. _PayPal, along with Google, Yahoo, and Microsoft, published the DMARC standard in 2012 to help boost email security and prevent email abuse._ Paypal has been one of the \*\*major brands that have always been in support of email security and experienced a significant reduction in

email spoofing and [phishing](https://dmarcreport.com/blog/phishing-smishing-vishing-everything-you-need-to-know/), protecting its users and the organization from \*\*potential losses by implementing DMARC, DKIM, and SPF.

> 

Back in 2013, the chair of DMARC.org and senior policy advisor at PayPal, Trent Adams, [said](https://dmarc.org/press/release-20130206/), “DMARC is a \*\*testimony to the private sector and market-driven collaboration to combat a real problem on the Internet.” Since its announcement in January 2012, DMARC has protected leading brands worldwide. Trent added, “The successful adoption of DMARC has been phenomenal. And the \*\*effectiveness proves that any brand owner interested in increasing protection of their email stream should deploy DMARC today.”

Paypal has been on a **steady rise**, onboarding more and more users each year, and it has [grown](https://www.statista.com/statistics/218493/paypals-total-active-registered-accounts-from-2010/) like \*\*clockwork since 2013.

## 2\. LinkedIn

Linked has been making headlines worldwide for its large network, serving as one of the most important professional **networking platforms**. However, LinkedIn’s popularity has also been a bane for the organization as threat actors have not left \*\*even a single chance to take advantage of LinkedIn in emails and cyberattacks.

LinkedIn has been the most imitated brand, with threat actors impersonating LinkedIn the most in phishing emails in [Q1 and Q2 of 2022](https://www.checkpoint.com/press-releases/scammers-most-likely-to-impersonate-dhl-warns-new-brand-phishing-report/#:~:text=While%20LinkedIn%20was%20the%20most,of%20all%20phishing%20attempts%20worldwide.). The platform’s email security has also been questioned more than once, which is why it was a significant step in implementing the \*\*best email security standards via DMARC, DKIM, and SPF. LinkedIn has successfully implemented DMARC, DKIM, and SPF to improve the security of its email communications and \*\*protect its domain from fraudulent emails and phishing attempts.

As [highlighted](https://www.linkedin.com/help/linkedin/answer/a704821) in its help center, LinkedIn has been implementing DMARC to prevent email spoofing and follows the \*\*“p=reject” policy to reject all unauthenticated emails. Furthermore, the brand also uses SPF to indicate authorized IPs (Internet Protocols) and DKIM to associate domains with emails using **crypto signatures**. Since the platform has updated its postmaster information in the last months, the organization has strengthened its email security and platform.

The platform also released [features](https://www.bleepingcomputer.com/news/security/linkedins-new-security-features-combat-fake-profiles-threat-actors/) to check when a profile was created and introduced \*\*AI technology to scan uploads to prevent fraudulent activity.

![Dmarc report](https://media.mailhop.org/dmarcreport/images/2023/02/dmarc-report-7668.jpg) 

## 3\. Bank of America

Bank of America, like many other financial institutions, has implemented DMARC as a way to \*\*improve the security of its email communications. Bank of America leveraged DMARC but had the **policy set to “none”** for a long time before they [changed it](https://dmarc.org/2016/12/updates-to-who-is-using-dmarc/). With the “none” policy, the Bank of America only received reports, but the institution switched the policy to “quarantine” in 2016 to protect its users by sending all emails failing authentication to the spam or junk folders. Changing the policy helped to prevent malicious actors from sending fraudulent emails that appear to come from Bank of America and protect its customers from falling victim to phishing and email spoofing. Additionally, [DMARC](https://dmarcreport.com/) also allowed the Bank of America to \*\*monitor and receive reports on messages that passed or failed DMARC evaluation ; this way, they could keep track of any suspicious activity and take necessary actions to prevent any **security breaches**.

The Bank of America also strengthened its other sectors, experiencing [steady growth](https://www.macrotrends.net/stocks/charts/BAC/bank-of-america/revenue#:~:text=Bank%20Of%20America%20annual%20revenue,a%2017.46%25%20decline%20from%202019.) from the end of 2016 to 2019 .

## Why Businesses Should Learn and Start Implementing DMARC, DKIM, and SPF

Email security is of the utmost importance in today’s digital landscape, and brands constantly seek ways to protect their domains from email threats and phishing. \_DMARC, DKIM, and SPF are email authentication protocols that work together to authenticate the sender’s identity and ensure that the email comes from a legitimate source. \_By implementing these, businesses can ensure \*\*top-of-the-line email security and [deliverability](https://community.hubspot.com/t5/Email-Deliverability/Email-Deliverability-Trends-and-Predictions-for-2023/td-p/740910).

Big brands such as LinkedIn, Google, Bank of America, Twitter, and PayPal have successfully implemented DMARC, [DKIM](https://dmarcreport.com/what-is-dkim/), and SPF to improve the security of their email communications and protect their customers from email fraud, email spoofing, and email-related cyber threats such as phishing attempts and [malware](https://www.bleepingcomputer.com/news/security/new-headcrab-malware-infects-1-200-redis-servers-to-mine-monero/) drops.

Businesses can learn from these big brands and implement these protocols to improve the security of their email communications and protect their customers from email fraud and phishing attempts. By implementing these **protocols**, businesses can protect their [domains](https://www.bleepingcomputer.com/news/security/domain-shadowing-becoming-more-popular-among-cybercriminals/) from fraudulent emails and phishing attempts, which can be used to trick recipients into giving away sensitive information or clicking on **malicious links**.

## Final Words

Implementing DMARC, DKIM, and [SPF](https://dmarcreport.com/what-is-spf/) protocols is crucial in protecting a brand’s email security .

These protocols provide authentication for the \*\*email sender and ensure that the email has not been tampered with, which helps protect the company and its customers from potential losses caused by threat actors utilizing the shortcomings as opportunities for phishing, email spoofing, and other email-related threats. As seen in the above case studies, many brands have successfully implemented these protocols and have seen \*\*significant improvements in their email security.

## Topics

[ dkim ](/tags/dkim/)[ email security ](/tags/email-security/)[ News ](/tags/news/) 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead for DMARC Report's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Foundational 4m  Akira flaunts victims, Idaho targets orthodontist, AI granny protects  Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[  Foundational 4m  Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats  Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[  Foundational 4m  Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested  Jul 18, 2024 ](/blog/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/)[  Foundational 4m  Car Cameras Hackable, UK Water Breach, Thailand Frees Captives  Feb 28, 2025 ](/blog/car-cameras-hackable-uk-water-breach-thailand-frees-captives/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Real-world Case Studies of Brands Successfully Implementing DMARC, DKIM, and SPF","description":"Email security is the chief concern of businesses and organizations worldwide.","url":"https://dmarcreport.com/blog/real-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf/","datePublished":"2023-02-07T08:07:23.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2023-02-07T08:07:23.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://dmarcreport.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/real-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf/"},"articleSection":"foundational","keywords":"dkim, email security, News","wordCount":1013,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Real-world Case Studies of Brands Successfully Implementing DMARC, DKIM, and SPF","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Real-world Case Studies of Brands Successfully Implementing DMARC, DKIM, and SPF","item":"https://dmarcreport.com/blog/real-world-case-studies-of-brands-successfully-implementing-dmarc-dkim-and-spf/"}]}
```