Top Stories Regarding DMARC, SPF, DKIM, BIMI, and Email Authentication

Email authentication tools such as DMARC, SPF, and DKIM, have become a necessity to ensure email security in today’s times. This post looks at recent developments in DMARC, SPF, DKIM, and BIMI.

DKIM is the authentication protocol that survives email forwarding, says Brad Slavin, General Manager of DuoCircle. When SPF fails because a forwarder’s IP isn’t in the original record, DKIM alignment is the only path to DMARC pass. That’s why we monitor DKIM alongside SPF in every DMARC Report dashboard.

The three core email authentication standards - SPF (RFC 7208), DKIM (RFC 6376), and DMARC (RFC 7489) - work together to verify that an email genuinely originates from the domain it claims to represent. Since February 2024, Google and Yahoo require all three for bulk senders.

BIMI is Still a New Trend for Businesses

BIMI has been the choice of businesses in the past, especially after its boost in popularity when Gmail added support for BIMI (Brand Indicators for Message Identification) in 2021. The adoption of BIMI has been on the rise, with many organizations and email providers including it in their services.

Email marketing solution business, Validity recently partnered with Red Sift, a cloud email platform to aid organizations worldwide to comply with DMARC standards and boost email marketing campaigns. From security updates to **reduced phishing to brand awareness, BIMI provides everything and now appears in all emails sent to AOL Fastmail, Pobox, Gmail, and Yahoo Mail addresses, with plenty of other service providers adopting it in 2022.

NHS Cyber Attack: 1157 Phishing Emails Sent

Inky, a cloud security firm, discovered that cybercriminals sent 1,157 phishing emails targeting Microsoft users using NHS mail between October last year and March 2022. The emails contained a link that redirected users to fake Microsoft 365 login pages designed to steal their credentials.

The prolonged phishing attack compromised nearly 139 NHS customer email accounts. With sophisticated email phishing campaigns and email security at risk, you should be aware of various email spoofing, phishing, BEC (Business Email Compromise), and domain spoofing attacks and how you can protect your organization from these in a time when email authentication and security is of utmost importance.

DMARC Policies Are Up By 84%

2021 marked an excellent year for DMARC adoption as the number of DMARC policies rose a whopping 84% compared to the previous year. The total number of unique records recorded throughout 2021 was nearly 5 million. DMARC adoption has seen accelerated growth, with more organizations having started employing DMARC records for enhanced deliverability and email security.

Experts calculated the 84% increase in DMARC policies per the DNS requests in the data collected by DomainTools.com. The total DMARC records at the end of 2020 were 2,704,575, which rose to 4,974,390 by December 2021, with “none” policies implemented in 65.6%, “reject” policies in 23%, and “quarantine” policies in 11.4% of the cases. Furthermore, numbers indicate that the number of people using none policies is decreasing with the other policies becoming more popular in recent years. You can read the full statistics on DMARC.org.

MSP Expo 2022’s New Silver Sponsor

PowerDMARC, a cloud-based email authentication services provider, is going to be a silver sponsor for the 2022 MSP (Managed Service Provider) Expo. The MSP Expo at Fort Lauderdale is an expo that brings together channel partners and MSPs to combine and learn new industry skills with their peers and share the latest trends in DMARC, email security, collaboration, cloud, and IT services, and more.

You can find PowerDMARC’s SaaS platform at booth 763 starting June 21, 2022, where you can gain valuable insights into their services. The expo is an excellent place to be as it will provide excellent visibility and **top-of-the-line security tools to protect against BEC, social engineering, and email spoofing attacks.

Sources

• RFC 7208 - Sender Policy Framework (SPF)
• RFC 7489 - Domain-based Message Authentication, Reporting, and Conformance (DMARC)