At EasyDMARC, we believe in making email security as hassle-free as possible. One way we do this is by integrating our services with other IT solutions. That’s why we’re excited to announce our latest integration with Autotask PSA, a solution that will help our valued MSPs further protect their clients and efficiently manage their operations. Key Benefits The Autotask PSA integration streamlines operations for MSPs by enabling: Seamless Customer Mapping – Link your Autotask customers with corresponding domain groups in EasyDMARC for unified management. Flexible Reporting Configuration – Select which domains to report to Autotask for each mapped customer, giving you complete control over visibility and granularity. Automated Ticket Creation – Generate Autotask tickets automatically based on alerts triggered within the EasyDMARC platform, ensuring a timely response to security events. Contact Us Features & Functionalities 1. Authentication Setup Before you can start exploring the features and functionalities of the integration, you need to first link your accounts. To authenticate the connection between your EasyDMARC and Autotask PSA accounts, you’ll need to provide: Your API Tracking Identifier Your Username (Key) Your Password (Secret) These credentials allow secure communication between both platforms and must be configured before proceeding. 2. Customer Mapping Configuration With this integration, you can connect your customer data across both platforms by mapping: Domain Groups (from EasyDMARC) to Accounts (in Autotask PSA) Each mapping requires selecting a corresponding Contract linked to the Autotask Account Flexible mapping options: The mapping enables you to: Map one Domain Group to multiple Autotask Accounts Map multiple Domain Groups to a single Autotask Account You’ll receive email notifications if any issues arise with your mapped pairs. 3. Billing Configuration Settings Determine how domain reporting works and synchronizes between platforms: Enable or disable domain reporting If disabled, you can still use the integration for Alerting/Ticketing only. If domain reporting is enabled, select the service for domain reporting Create a new service in Autotask PSA or use an existing one. Configure parked domain synchronization (optional) Choose whether to sync parked domains Select which Autotask service to use for parked domains Set your preferred reporting frequency: Last day of the month: This option updates services monthly with the total domains valid during the previous month Selected date of the month: This option updates services on your chosen date with domain totals from the preceding period When services are updated, the system modifies: Unit count (quantities) Invoice Description with domain names 4. Alert-to-Ticket Mapping You can configure how EasyDMARC alerts generate tickets in Autotask PSA by doing the following: Select Domain Group (customer) from your list Choose which alerts should create tickets View all alerts configured for domains in that Domain Group Examples: DMARC Record Changed, SPF Record Changed, etc. Set default ticket parameters Type, Status, Priority, Sources, etc. How it works after configuration When an alert is triggered, the system automatically: Sends you a detailed email notification Creates a new Autotask Ticket containing: The customer information (Domain Group ⟷ Company) Alert name as the ticket subject (e.g., “DMARC Record Changed”) Complete details from the alert log (such as old and new record values) We’re sure you’ll find this integration useful in simplifying yours and your customers’ DMARC journey. Keep an eye out for more integrations coming soon. The post EasyDMARC Announces Integration with Autotask PSA appeared first on EasyDMARC.

Email continues to be the primary attack vector for cybercriminals targeting organizations across all industries. These attacks arrive disguised as legitimate communications, often mimicking trusted senders and creating a false sense of security that bypasses technical defenses by taking advantage of human error. Understanding the distinctions between business email compromise (BEC) vs phishing is crucial, as both represent sophisticated yet very different threat methods. The financial impact of email-based threats has reached unprecedented levels. According to the FBI’s Internet Crime Complaint Center, BEC scams resulted in over $2.77 billion across 21,442 reported incidents in 2024 alone. What makes a BEC attack different from a typical phishing email is its highly targeted nature. While phishing often involves mass distribution of generic threats designed to lure people in, BEC attacks specifically impersonate executives or trusted partners to target individuals with financial authority. The 2023 Verizon Data Breach Investigations Report also revealed that phishing attempts increased by 18% year-over-year, with 74% of breaches in financial services involving phishing as the initial attack method. Organizations can significantly strengthen their security posture through a combination of employee awareness training and effective security controls. Teaching staff how to identify suspicious emails represents a critical first line of defense, while implementing email authentication protocols provides essential protection.  DMARC solutions for businesses, like those provided by EasyDMARC, help organizations verify sender legitimacy, prevent domain spoofing, and block unauthorized emails before they reach employee inboxes, effectively neutralizing these threats before they can exploit various vulnerabilities. This multi-layered approach not only protects sensitive information but also preserves business continuity, shields organizational reputation, and maintains the trust that customers and partners place in your digital communications. In this article, we’ll go over what a BEC attack looks like, what makes a BEC attack different from a typical phishing email attack, recent trends, and what you can do to prevent these types of attacks.  Key Takeaways for BEC vs Phishing BEC attacks and phishing attacks are similar in that they both use social engineering tactics, typically involve email as an attack vector, and the end goal is often financial gain, data theft, or unauthorized access. While BEC attacks and phishing are similar, BEC issues are far more sophisticated and personalized to the target.  Best practices for preventing BEC attacks include training employees, using MFA, and implementing DMARC protocols.  What is a BEC Attack? BEC attacks are sophisticated email scams that target organizations, often with financial motives or to gain access to sensitive information. These highly targeted attacks involve cybercriminals impersonating executives, trusted vendors, or business partners to manipulate employees into taking actions that benefit the attacker. Unlike mass phishing campaigns that cast wide, generic nets, BEC attacks are meticulously researched and personalized. Attackers often spend weeks studying their targets’ organizational structures, business relationships, and communication patterns before launching their assault. They identify key individuals with financial authority or access to sensitive information, then craft convincing impersonations designed to exploit established relationships. The most common BEC scenario involves an urgent wire transfer request that appears to come from a company executive. For example, an employee might receive what looks like an authentic email from their CEO requesting an immediate wire transfer to a vendor. The message often emphasizes urgency and discretion, discouraging verification through normal channels. When the employee complies, the funds are transferred directly to the attacker’s account and typically moved multiple times within hours, making recovery virtually impossible. The financial damage from BEC attacks can be devastating. But beyond immediate financial losses, organizations face potential regulatory penalties, litigation costs, reputational damage, and lost business opportunities. In one case, a multinational corporation lost $47 million in a single BEC attack when an executive was tricked into authorizing multiple transfers for a supposed acquisition. How to Prevent Business Email Compromise Attacks The best way to prevent BEC attacks is by using a multi-layered approach, combining employee training, multi-factor authentication, and email security protocols. Employee Training Regular security training equips employees with the right tools to spot dangerous emails before they do damage. Teaching staff to adhere to email security best practices is a great way to ensure your employees are helping build a security-conscious culture. Multi-Factor Authentication Multi-factor authentication (MFA) provides multiple layers of defense through different authentication factors. These typically include something you know (like a password), something you have (such as a smartphone), and something you are (biometric data like fingerprints). Even if a password is compromised, these additional authentication layers prevent unauthorized access, dramatically reducing the risk of account infiltration. The multiple verification steps create a robust security mechanism that goes far beyond traditional password protection. Email security protocols like DKIM (DomainKeys Identified Mail), SPF (Sender Policy Framework), and DMARC (Domain-based Message, Authentication, Reporting, and Conformance) provide critical layers of protection against email spoofing and phishing attempts. These protocols work together to verify the authenticity of email senders and prevent unauthorized use of domain names. To best identify email security issues, users can use tools like SPF lookups, DKIM Record Checkers, and DKIM Record Generators. However, these tools can only go so far.  To ensure the best possible protection against BEC attacks, organizations must have DMARC properly set up to achieve the most secure email authentication. To do so, users can make use of online DMARC solutions to help them implement the strongest DMARC policies and get support with the continual monitoring of their domains.  Start Your 14-day Free Trial What is a Phishing Attack?  A phishing attack is one in which attackers impersonate trusted entities to trick victims into revealing sensitive information. They typically arrive via email, text messages, or social media, masquerading as legitimate communications from banks, service providers, colleagues, or other trusted sources.  Today’s phishing attacks have evolved far beyond the obvious grammatical errors and implausible scenarios of early attempts. Modern phishing emails often feature perfect spelling, convincing logos, and accurate sender information. They create a false sense of urgency, leverage fear or curiosity, and provide seemingly legitimate reasons for immediate action. The most common phishing scenario involves an email claiming to be from a trusted organization, alerting the recipient to a supposed account problem requiring immediate attention. Recent phishing statistics reveal that the most targeted industry in 2024 was the IT sector. This industry faces greater risk due to its critical role in infrastructure and access to valuable data. Cybercriminals exploit software vulnerabilities and employee susceptibility to phishing scams to gain access to sensitive information and important systems.  The Evolution of Phishing Since their inception in the 90s, phishing attacks have progressed significantly. Early attacks often contained obvious red flags like poor grammar and unlikely scenarios. Since then, cyber criminals have refined their tactics, creating more convincing messages that mimic legitimate organizations with increasing accuracy.  Modern attacks often include spear phishing, which targets individuals through the use of personal relevant information, clone phishing, which replicates legitimate emails but replaces attachments with malicious versions, vishing, involving voice phishing via phone calls, and pharming, which redirects website traffic to fake sites without user interaction. Today’s most sophisticated phishing attacks employ AI-generated content that can adapt to targets in real-time, creating highly personalized and convincing communications. According to SlashNext’s 2023 State of Phishing Report, AI-enhanced phishing attacks increased by 1,265% in 2022 alone, with attackers using machine learning to craft increasingly convincing messages. The Real Cost of Phishing The damage from phishing attacks extends far beyond initial credential theft, creating long-lasting consequences for organizations that fall victim to them. When attackers gain access to accounts or systems, they can steal sensitive data, including financial information and intellectual property. These breaches often lead to substantial financial loss, with the average cost of a data breach reaching $4.45 million in 2023.  Even more devastating can be the deployment of ransomware across corporate networks, as seen in high-profile cases where companies paid millions in ransom and still faced weeks of operational disruption. The repercussions continue to ripple outward as cybercriminals establish persistent access for extended campaigns, sometimes maintaining hidden footholds for months before being detected. Using compromised accounts, attackers frequently target an organization’s partners and customers, exploiting established trust relationships to spread their reach.  This cascade effect severely damages brand reputation and erodes customer confidence, as demonstrated when major retailers experienced phishing breaches that led to measurable customer churn and required expensive brand rehabilitation campaigns. The combined impact of regulatory fines, litigation, remediation costs, and lost business opportunities often transforms what seemed like a simple email attack into an existential threat for many businesses. Recent Trends and Emerging Threats Phishing threats continue to evolve at a rapid pace. Recent trends include: QR Code Phishing: Attackers embed malicious QR codes in emails that direct victims to credential-harvesting sites MFA Bypass Techniques: Sophisticated phishing kits that can intercept and replay authentication tokens in real-time AI-Generated Content: Using large language models to create highly convincing and contextually appropriate phishing messages Collaboration Platform Targeting: Focused attacks on workplace tools like Microsoft Teams, Slack, and Google Workspace How to Prevent a Phishing Attack To best prevent phishing attacks, as with BEC attacks, we recommend a multi-layered approach, combining technical solutions like DMARC, human awareness including security training, and organizational processes like MFA.  Detecting email security vulnerabilities requires specialized tools such as SPF lookup utilities, DKIM record verification and generation tools, DMARC verification services, and phishing link checkers.  For optimal defense against phishing attacks, organizations should implement properly configured DMARC protocols to maximize email authentication security. Dedicated DMARC solutions like EasyDMARC offer assistance in deploying robust DMARC policies and providing ongoing domain monitoring support. Get Started Now Is Business Email Compromise the Same as Phishing? BEC and phishing attacks are closely related and often overlap, as both rely on deception to trick victims into taking harmful actions. However, they differ in execution, targeting, and sophistication. Similarities Between BEC and Phishing  Both use social engineering tactics to manipulate victims. Both typically involve email as the primary attack vector. The end goal of both is often financial gain, data theft, or unauthorized access. Differences Between BEC and Phishing  Targeting: BEC attacks are highly targeted, often aimed at specific individuals like executives or finance personnel, while phishing is usually broader and sent to large groups. Tactics: BEC relies on impersonation and pretexting without malware or links, whereas phishing often uses malicious links or attachments to compromise systems. Complexity: BEC attacks are generally more sophisticated and customized, requiring research and planning, whereas phishing is typically automated and generic. EasyDMARC Can Prevent BEC Attacks and Stop Phishing As cyber threats continue to evolve, organizations must understand the nuances between BEC and phishing attacks to build more effective defenses. Both attack types exploit human trust and communication habits, but BEC attacks stand out for their precision, research, and high financial stakes, while phishing typically relies on volume and opportunism. Regardless of the method, email remains the most exploited vector, making email security a critical priority. At EasyDMARC, we equip businesses with the tools needed to identify, categorize, and neutralize both BEC and phishing threats, as well as countless other attacks. By implementing email authentication protocols like DMARC, SPF, and DKIM, organizations can verify sender identity and prevent domain spoofing.  Our platform also offers powerful tools to help users detect weaknesses and take action before attackers can exploit them. Features like real-time alerting and aggregate reporting give organizations the visibility and agility needed to respond quickly and decisively to suspicious activity. Looking ahead, phishing attacks continue to rise year upon year, becoming increasingly targeted and convincing. Meanwhile, BEC attacks are growing in sophistication and financial impact. The most effective way to stay ahead of these evolving threats is by adopting a proactive, layered defense strategy that includes email authentication. With the right tools, policies, and training in place, organizations can significantly reduce their exposure and build long-term resilience against the next wave of email-based attacks. Frequently Asked Questions What is a BEC cyber attack? A Business Email Compromise (BEC) cyber attack is a type of email fraud that targets businesses and organizations to trick employees, executives, or partners into transferring money or sensitive information to the attackers. It typically involves the spoofing or compromising of a legitimate business email address to manipulate the victim into taking actions that result in financial or data losses. Attackers will often impersonate other people at the company, particularly management or higher-ups. What is an example of a BEC? BEC attacks almost always involve impersonation of a company employee, so they often begin with an email from an attacker impersonating someone at the company. In some cases, the attacker will target the company’s accounts payable department with an email containing a malicious link or attachment. Once the link is clicked, the attacker can gain access to the accounts payable email, making stealing money much easier.  Here is an example of what an email from a BEC attack may look like. “Hi [Employee Name],I need you to process an urgent payment of $100,000 to [Vendor Name]. This payment is time-sensitive, and we need it completed by the end of the day. Please wire the funds to the following account:Account Number: 1234567890  Routing Number: 987654321  Bank Name: [Fake Bank Name]Let me know once it’s done. This is very important.Best,  [CEO Name] What makes a BEC attack different than a typical phishing? A Business Email Compromise (BEC) attack differs from a typical phishing attack in several key ways. While both types of attacks use social engineering to manipulate victims into taking actions that benefit the attacker, BEC attacks are usually aimed at businesses, focusing on financial transactions or stealing confidential data. The emails appear legitimate, making it harder to detect, and often involve impersonating high-level employees. On the other hand, phishing is usually more generic and aimed at a wide audience, trying to trick victims into clicking on malicious links or downloading malware to steal personal information, such as login credentials. Phishing emails often include suspicious links or attachments, while BEC emails are more subtle and business-focused. Who do BEC attacks typically target? Business Email Compromise (BEC) attacks typically target specific individuals within an organization who have access to financial transactions, sensitive company data, or the ability to authorize actions such as fund transfers. The attackers often focus on individuals who are more likely to be tricked into complying with requests that appear legitimate. What is the difference between BEC and EAC? BEC involves attackers impersonating executives or trusted partners to trick employees into transferring money or sensitive data. It’s highly targeted and often financially motivated. In contrast, EAC (Email Account Compromise) occurs when an attacker gains unauthorized access to an individual’s email account to steal information or monitor communications. While BEC focuses on financial fraud, EAC is generally more about unauthorized access and data theft. What is the best way to prevent BEC attacks? The best way to prevent BEC attacks is employee training. Teaching your employees what to look for gives them the knowledge needed to recognize when an email looks suspicious and trains them not to click on links or attachments in emails.  Other effective approaches include using multi-factor authentication and implementing email authentication protocols like DMARC, DKIM, and SPF. Services like EasyDMARC makes implementing these protocols easy, fast, and secure. 

Our recent webinar, “Stay Deliverable: Meet Microsoft Outlook’s New Email Sender Requirements,” brought in an engaged audience with insightful questions about how Microsoft’s updated policies affect bulk email senders. From domain management and alignment to monitoring and implementation challenges. As promised, to ensure everyone gets the answers they need, we’ve compiled some of the most important questions from the webinar, along with expert responses from our team. Let’s dive in! 1. Domain Management & Alias Complexity I have multiple domains, with one being main and others as alias domains. We’re having deliverability problems with aliases due to DMARC and Gmail/Yahoo requirements. Should I separate them entirely? There’s no specific indication that having alias domains could affect deliverability with Google and Yahoo. When it comes to alias domains, you can only set DKIM alignment to pass with the From: address alias domain. SPF alignment will always fail. Also, it’s good to note that the primary domain will continue sharing its reputation with alias domains in general. You can separate them entirely or set them up as secondary domains, where they will be fully independent from the primary domain and won’t share reputation. Even so, the reputation relies on thousands of data points. If I have EasyDMARC on my primary domain, do I need to set it up again on subdomains I send from? No. If you add just your primary domain, then your subdomains will automatically populate in your DMARC aggregate reports once we receive reports indicating there are outgoing emails from your subdomains. DMARC for subdomains will automatically inherit everything (policy and reporting) directly from the root/primary domain. If you don’t have an explicit DMARC record on your subdomain, it will inherit everything from your root domain. 2. Tools and Platform Mismatches How do you deal with Bluehost saying “no issues” when EasyDMARC shows otherwise? There are ESPs or hosting providers that show there are no problems if everything is set correctly from a DNS perspective. However, there are cases where, even if you’ve set your DNS records correctly (SPF, DKIM, or DMARC), things can still fail depending on your sending practices. It’s always best to follow the live process of DMARC reports, which are generated every 24 hours and show exactly what MBPs are saying about your authentication process. 3. Provider-Specific Requirements Are SPF, DKIM, and DMARC requirements different for Microsoft vs Gmail? If we’re good with Google, are we good with Microsoft too? Generally, yes. Both require senders to have SPF and DKIM authentication set up with DMARC implemented using at least p=none. When it comes to alignment, Google and Microsoft both require either SPF or DKIM to be aligned with the From: address domain, but Microsoft goes a step further by preferring both to be aligned. Google has Postmaster Tools. Is there a Microsoft equivalent? Microsoft provides SNDS, which is an IP-based Postmaster tool, unlike Google Postmaster, which is domain-based. That being said, Microsoft SNDS is useful and can be implemented if you have dedicated IP pools. Are there extra DMARC requirements for domains like cox.net or frontier that transitioned to Yahoo? Yes.  4. Implementation Clarifications What is “alignment” in the DMARC context? Alignment in DMARC means that the domain in the From: header matches (or is a subdomain of) the domain used in SPF or DKIM authentication. DMARC passes only if either SPF or DKIM passes and aligns with the From domain. Without alignment, even valid SPF/DKIM results won’t satisfy DMARC. If the sending server only supports SPF, what can be done? If SPF is the only supported authentication method, you must ensure SPF passes and aligns with the domain in the From: header to satisfy DMARC. Use a custom Return-Path domain that aligns, or adjust the From domain to match the SPF-authenticated domain. However, relying only on SPF is risky because intermediate forwarding can break SPF. DKIM signing is recommended for redundancy, better deliverability, and to avoid false positives. Is continuous monitoring needed after you configure DMARC? If yes, why? Yes, continuous monitoring is critical even after DMARC is configured. Email ecosystems change frequently; new services, new domains, or third-party platforms may start sending on your behalf without proper SPF/DKIM. Monitoring DMARC reports helps you detect unauthorized sources, misconfigurations, and alignment issues in real time. Without monitoring, you risk delivery failures. 5. Record Limits and Best Practices Can a domain have two SPF records? No, a domain must have only one SPF TXT record per domain level. If you publish more than one, SPF validation will fail with a PermError. Instead, you should merge all mechanisms and includes into a single record. Use tools to validate syntax and avoid duplication when combining SPF entries. Note: You can have an SPF record on different subdomains. What if a domain’s SPF needs more than 10 includes? Does EasyDMARC help with this? Yes, we have an EasySPF solution that replaces includes with resolved IPs and keeps your record within limits. It also auto-updates your SPF record regularly to reflect IP changes. Will having different DKIM selectors cause a conflict? No, multiple DKIM selectors can coexist without conflict. Selectors are used to locate the DKIM public key in DNS, and each selector is independent. This allows different services (e.g., Microsoft, Mailchimp) to sign with their own selectors. Just ensure each selector’s DNS record is correct and that you monitor them using DMARC Aggregate reports. 6. Sending Limits and Provider Rules This requirement applies to domains sending 5000+ emails/day via Microsoft 365, not just outlook.com/hotmail.com, right? No, this requirement is not about sending from Microsoft 365. It applies to any domain that sends over 5,000 emails per day to Microsoft’s consumer email services, such as outlook.com, hotmail.com, and live.com. The infrastructure you send from doesn’t matter—what matters is the volume of messages received by Microsoft consumer mailboxes. These domains must comply with Microsoft’s SPF, DKIM, and DMARC requirements or risk delivery issues. Microsoft 365 (enterprise mail) is not currently affected by this enforcement.  7. Miscellaneous but Useful Why did it take companies so long to adopt SPF, DKIM, DMARC if the solution existed for years? Adoption lagged due to a lack of awareness, poor tooling, and fear of breaking legitimate email flows. SPF and DKIM require precise DNS setup, and DMARC enforcement can cause delivery issues if alignment isn’t handled properly. Which BIMI cert is being de-trusted? The Entrust BIMI VMC is being de-trusted by Google starting August 31, 2024. This means BIMI logos using Entrust-issued VMCs will no longer display in Gmail after that date. Define CMC, please. CMC stands for Certified Mark Certificate. It’s a BIMI-compatible certificate issued to organizations without a registered trademark, allowing them to display a verified logo (without the blue checkmark) in email clients. Unlike a VMC, which requires a registered trademark, a CMC can use logos that are pending trademark approval or internally validated. For full compliance, does reporting (RUA/RUF) need to be enabled and monitored? No, enabling RUA/RUF is not required for DMARC compliance, but it’s strongly recommended (for us, it’s required). Reports don’t affect enforcement but provide visibility into who’s sending mail on your behalf and whether it passes SPF/DKIM. Without reports, you’re flying blind and could miss abuse or misconfigurations. Monitoring RUA reports helps you maintain ongoing compliance and security. What does “unsubscribe processing timeline (must honor within 2 days)” mean exactly? Does it include users who mark as spam? It means if a user clicks “unsubscribe,” their request must be processed and fully effective within 2 days, no more emails after that. It doesn’t apply to users who mark emails as spam, but high spam complaint rates are still tracked and can affect your domain reputation. Final Thoughts The new requirements from Microsoft mark a significant step toward a more secure and reliable email ecosystem but they also demand proactive configuration and monitoring from senders. We hope these answers clarify the nuances of authentication, domain reputation, and compliance as they relate to both Microsoft and other major mailbox providers. If you still have questions or need help implementing the right email security practices, our team is always here to support you. Stay tuned for more updates and educational sessions as the email landscape continues to evolve. The post Answering Your Webinar Questions: Meet Microsoft Outlook’s New Email Sender Requirements appeared first on EasyDMARC.

RSAC Conference, San Francisco, 28th April – EasyDMARC, a provider of email authentication and domain protection solutions, today announced the availability of its platform in the Microsoft Azure and Microsoft AppSource marketplaces. Microsoft customers can now deploy EasyDMARC directly within their existing cloud environment, with simplified procurement and management through trusted Microsoft channels. The integration comes at a time when email authentication has become a critical requirement for organizations sending large volumes of email. With Microsoft Outlook being the latest to introduce stricter standards for high-volume senders, businesses face growing pressure to implement DMARC, SPF, and DKIM. These protocols not only protect inboxes against domain spoofing and phishing threats but are increasingly essential for ensuring email deliverability. EasyDMARC’s marketplace availability helps organizations accelerate adoption by removing common procurement and integration barriers. Security teams can now evaluate, procure, and deploy the solution directly from the Microsoft ecosystem, helping ensure compliance with modern email requirements while improving protection against impersonation-based threats. Commenting on the integration, Gerasim Hovhannisyan, CEO and co-founder of EasyDMARC said: “Meeting modern security standards shouldn’t be complicated, nor should it be a barrier for businesses. By listing on Microsoft Azure and AppSource, we’re giving our customers a frictionless path to adoption. Our mission is to make strong email security accessible, and this partnership helps us deliver on that promise at scale.” EasyDMARC’s listing supports the company’s continued growth in the enterprise and managed service provider (MSP) sectors, following integrations with Pax8, HaloPSA, and other platforms serving channel partners. EasyDMARC’s Plus and Premium plans are now available for purchase directly through Microsoft Azure and AppSource. The company will also exhibit at RSAC 2025 at Booth N4529, North Expo. Demo requests can be made here:  https://easydmarc.com/blog/event/rsa-conference/ About EasyDMARC EasyDMARC is a cloud-native B2B SaaS that solves email security and deliverability challenges in just a few clicks. With advanced tools, including its AI-powered DMARC Report Analyser, DMARC, SPF, DKIM cloud management solutions, and email source reputation monitoring, EasyDMARC helps customers protect their domains and maintain strong email health. For Managed Service Providers (MSPs) seeking to grow their business, EasyDMARC offers a powerful platform for streamlining domain management with features like organisational control, domain grouping, and access management. A comprehensive sales and marketing enablement programme further supports MSPs in elevating DMARC sales. The platform is scalable and available with flexible, pay-as-you-go pricing. The post EasyDMARC Now Available on Microsoft Azure and AppSource Marketplaces appeared first on EasyDMARC.

What is Email Deliverability, and Why Does it Matter? Email deliverability is the ability of emails to successfully reach recipient inboxes, and not land in spam or junk folders. It’s not just about whether an email was sent; it’s also about whether it actually arrived, where it was supposed to go,  and whether it was considered trustworthy enough to show up in the inbox.  How Poor Deliverability Impacts Email Marketing Campaigns Deliverability matters because, for every marketing email that doesn’t make it to a prospect, a business opportunity is missed. It’s like printing thousands of flyers for a campaign and having over half of them tossed in the trash before they ever reach a mailbox.  The average email open rate is around 39.7%, with an average click-through rate of only 1.0%. Inbox placement rates trended downwards in 2024, declining to 82.3% in Q4. For companies investing serious time and money into email outreach, poor deliverability is a silent budget killer that can sabotage even the most well-crafted campaigns. While AI is decreasing the amount of time it takes to craft a high-converting marketing email, on average, 53% of brands take two weeks or more to produce a marketing email. (image credit: Kinsta.com) Time is money, and the last thing you want is for an email your Marketing team spent over a week tweaking to land in spam or be rejected by the server. You may be asking, ‘Why the focus on email marketing?’ Well, when done correctly, the return on investment for email campaigns can be up to 3600%. How Does DMARC Factor into Email Deliverability? DMARC may play a behind-the-scenes role in email deliverability, but it is a crucial one. It controls whether your marketing emails reach the inbox, get diverted to spam, or get rejected entirely. It works by verifying that an email claiming to be from your domain actually came from an authorized sender. If you want more of the nitty-gritty details on this, check out EasyDMARC’s ultimate guide to DMARC. When properly configured, DMARC helps email providers like Gmail, Outlook, and Yahoo trust your messages, which boosts your sender reputation and improves deliverability. Without it, your emails are more likely to be flagged as suspicious or spoofed, especially if someone else is trying to send phishing emails using your brand name. That’s why DMARC isn’t just a cybersecurity tool; it’s a strategic lever for ensuring your campaigns land in front of the people you’re trying to reach. What Brand Trust Means to Your Business Brand trust is the quiet force behind almost every buying decision. It’s what makes someone open your email instead of deleting it, click your link instead of scrolling past, and say “yes” to your offer instead of hesitating. When your audience trusts your brand, they assume your messages are safe, your promises are real, and your business is worth their time. That kind of trust doesn’t come from clever headlines or perfect designs; it comes from consistency, credibility, and showing that you take their security and experience seriously. In the crowded space of digital marketing, brand trust isn’t a soft metric; it’s a direct driver of engagement, loyalty, and ultimately, revenue. Why Would Using DMARC Increase Brand Trust? Using DMARC increases brand trust because it actively protects your customers, partners, and prospects from email-based fraud that could damage your reputation. When someone receives an email with your name on it, they’re putting trust in your brand just by opening it. If that message turns out to be a phishing scam or malware-laced spoof, that trust evaporates and can be hard to earn back.  DMARC prevents unauthorized senders from impersonating your domain, signaling to inbox providers and recipients that your messages are legitimate and safe. Over time, this builds confidence in your communication, reinforcing the perception that your business takes customer safety seriously and can be relied on, not just to deliver value, but to do it securely. How can IT and Marketing Collaborate on Email Deliverability? When IT and Marketing collaborate, email deliverability is no longer a technical hurdle – it’s a strategic advantage. Together, these teams can ensure that every campaign not only looks good but also gets seen. IT brings the tools and expertise to protect the domain and boost sender reputation, while Marketing understands the timing, tone, and target of each message. By working together, they can reduce bounce rates, improve open rates, and safeguard the brand from impersonation; ultimately stretching every marketing dollar further and building lasting trust with the audience. Align on Approved Sending Domains and Tools Marketing teams often use third-party platforms, like Mailchimp, HubSpot, or ActiveCampaign, to manage email campaigns. If those platforms aren’t properly authorized through SPF and DKIM records, your emails might be flagged as suspicious. IT should work closely with Marketing to make sure all tools and domains used for email are aligned with the organization’s DMARC policy. This is especially important when Marketing launches a new campaign or sends from a subdomain. A quick conversation before hitting “send” can prevent major deliverability issues and lost time.Treat Email Security as Part of the Customer Experience Marketing is usually laser-focused on customer experience, but that should include email security, too. If customers receive spoofed or phishing emails that appear to come from your brand, it not only creates confusion, it also breaks trust. IT plays a critical role in preventing that kind of damage, but Marketing can help by framing DMARC and authentication as part of the broader brand promise. When IT understands they’re contributing directly to the user experience, and marketing sees how security helps drive engagement, mutual respect and a more unified strategy are formed. Share Email Data to Spot Deliverability Problems Both Marketing and IT teams have useful data; they’re just looking at different dashboards. IT has access to DMARC reports, bounce logs, and authentication failures via solutions like EasyDMARC. Marketing has insights on open rates, engagement trends, and unsubscribes. When these data sets are shared and compared, you can spot deliverability problems from the outset. For example, if open rates suddenly drop, marketing might assume it’s a content issue, but IT could confirm that it’s actually a sender reputation problem. Regular data syncs help both sides connect the dots faster. Key Takeaways When Navigating Email Deliverability Challenges Ensuring email deliverability isn’t just a technical challenge, it’s a business imperative. Every missed message is a lost opportunity to engage a potential customer, grow your brand, and drive revenue. That’s why email deliverability can’t be owned by IT alone, or siloed off in a marketing dashboard; it requires shared responsibility and proactive communication between both teams. When IT lays the technical foundation, ensuring DMARC is in place, and Marketing brings creativity to the table, the result is powerful: more visibility, more engagement, and more value from every campaign you launch. If your business is struggling with low open rates, high bounce rates, or brand impersonation issues, you don’t have to figure it out alone. Consider working with a Managed Services Provider like Managed Nerds. As an EasyDMARC partner, we specialize in helping small and mid-sized businesses untangle their email deliverability challenges. Whether you need a full DMARC setup, help interpreting your reports, or just want your emails to actually land, we’re here to make that happen; because getting seen and trusted is the first step to getting email marketing results. The post From DNS to Deliverability: Why IT and Marketing Should Talk More Often appeared first on EasyDMARC.

What is Email Deliverability, and Why Does it Matter? Email deliverability is the ability of emails to successfully reach recipient inboxes, and not land in spam or junk folders. It’s not just about whether an email was sent; it’s also about whether it actually arrived, where it was supposed to go,  and whether it was considered trustworthy enough to show up in the inbox.  How Poor Deliverability Impacts Email Marketing Campaigns Deliverability matters because, for every marketing email that doesn’t make it to a prospect, a business opportunity is missed. It’s like printing thousands of flyers for a campaign and having over half of them tossed in the trash before they ever reach a mailbox.  The average email open rate is around 39.7%, with an average click-through rate of only 1.0%. Inbox placement rates trended downwards in 2024, declining to 82.3% in Q4. For companies investing serious time and money into email outreach, poor deliverability is a silent budget killer that can sabotage even the most well-crafted campaigns. While AI is decreasing the amount of time it takes to craft a high-converting marketing email, on average, 53% of brands take two weeks or more to produce a marketing email. Time is money, and the last thing you want is for an email your Marketing team spent over a week tweaking to land in spam or be rejected by the server. You may be asking, ‘Why the focus on email marketing?’ Well, when done correctly, the return on investment for email campaigns can be up to 3600%. How Does DMARC Factor into Email Deliverability? DMARC may play a behind-the-scenes role in email deliverability, but it is a crucial one. It controls whether your marketing emails reach the inbox, get diverted to spam, or get rejected entirely. It works by verifying that an email claiming to be from your domain actually came from an authorized sender. If you want more of the nitty-gritty details on this, check out EasyDMARC’s ultimate guide to DMARC. When properly configured, DMARC helps email providers like Gmail, Outlook, and Yahoo trust your messages, which boosts your sender reputation and improves deliverability. Without it, your emails are more likely to be flagged as suspicious or spoofed, especially if someone else is trying to send phishing emails using your brand name. That’s why DMARC isn’t just a cybersecurity tool; it’s a strategic lever for ensuring your campaigns land in front of the people you’re trying to reach. What Brand Trust Means to Your Business Brand trust is the quiet force behind almost every buying decision. It’s what makes someone open your email instead of deleting it, click your link instead of scrolling past, and say “yes” to your offer instead of hesitating. When your audience trusts your brand, they assume your messages are safe, your promises are real, and your business is worth their time. That kind of trust doesn’t come from clever headlines or perfect designs; it comes from consistency, credibility, and showing that you take their security and experience seriously. In the crowded space of digital marketing, brand trust isn’t a soft metric; it’s a direct driver of engagement, loyalty, and ultimately, revenue. Why Would Using DMARC Increase Brand Trust? Using DMARC increases brand trust because it actively protects your customers, partners, and prospects from email-based fraud that could damage your reputation. When someone receives an email with your name on it, they’re putting trust in your brand just by opening it. If that message turns out to be a phishing scam or malware-laced spoof, that trust evaporates and can be hard to earn back.  DMARC prevents unauthorized senders from impersonating your domain, signaling to inbox providers and recipients that your messages are legitimate and safe. Over time, this builds confidence in your communication, reinforcing the perception that your business takes customer safety seriously and can be relied on, not just to deliver value, but to do it securely. How can IT and Marketing Collaborate on Email Deliverability? When IT and Marketing collaborate, email deliverability is no longer a technical hurdle – it’s a strategic advantage. Together, these teams can ensure that every campaign not only looks good but also gets seen. IT brings the tools and expertise to protect the domain and boost sender reputation, while Marketing understands the timing, tone, and target of each message. By working together, they can reduce bounce rates, improve open rates, and safeguard the brand from impersonation; ultimately stretching every marketing dollar further and building lasting trust with the audience. Align on Approved Sending Domains and Tools Marketing teams often use third-party platforms, like Mailchimp, HubSpot, or ActiveCampaign, to manage email campaigns. If those platforms aren’t properly authorized through SPF and DKIM records, your emails might be flagged as suspicious. IT should work closely with Marketing to make sure all tools and domains used for email are aligned with the organization’s DMARC policy. This is especially important when Marketing launches a new campaign or sends from a subdomain. A quick conversation before hitting “send” can prevent major deliverability issues and lost time.Treat Email Security as Part of the Customer Experience Marketing is usually laser-focused on customer experience, but that should include email security, too. If customers receive spoofed or phishing emails that appear to come from your brand, it not only creates confusion, it also breaks trust. IT plays a critical role in preventing that kind of damage, but Marketing can help by framing DMARC and authentication as part of the broader brand promise. When IT understands they’re contributing directly to the user experience, and marketing sees how security helps drive engagement, mutual respect and a more unified strategy are formed. Share Email Data to Spot Deliverability Problems Both Marketing and IT teams have useful data; they’re just looking at different dashboards. IT has access to DMARC reports, bounce logs, and authentication failures via solutions like EasyDMARC. Marketing has insights on open rates, engagement trends, and unsubscribes. When these data sets are shared and compared, you can spot deliverability problems from the outset. For example, if open rates suddenly drop, marketing might assume it’s a content issue, but IT could confirm that it’s actually a sender reputation problem. Regular data syncs help both sides connect the dots faster. Key Takeaways When Navigating Email Deliverability Challenges Ensuring email deliverability isn’t just a technical challenge, it’s a business imperative. Every missed message is a lost opportunity to engage a potential customer, grow your brand, and drive revenue. That’s why email deliverability can’t be owned by IT alone, or siloed off in a marketing dashboard; it requires shared responsibility and proactive communication between both teams. When IT lays the technical foundation, ensuring DMARC is in place, and Marketing brings creativity to the table, the result is powerful: more visibility, more engagement, and more value from every campaign you launch. If your business is struggling with low open rates, high bounce rates, or brand impersonation issues, you don’t have to figure it out alone. Consider working with a Managed Services Provider like Managed Nerds. As an EasyDMARC partner, we specialize in helping small and mid-sized businesses untangle their email deliverability challenges. Whether you need a full DMARC setup, help interpreting your reports, or just want your emails to actually land, we’re here to make that happen; because getting seen and trusted is the first step to getting email marketing results. The post From DNS to Deliverability: Why IT and Marketing Should Talk More Often appeared first on EasyDMARC.

As the old proverb goes, “If you want to go fast, go alone. If you want to go far, go together.”  As I reflect on 15-plus years in cyber security, I realize that different approaches are often required to tackle the rapidly evolving threat landscape, whether they be from an economic or geo-political perspective.  On a recent trip to Yerevan, I had the opportunity to visit the TUMO Centre of Creative Technologies, an institution that provides a free educational program to the next generation of thinkers. During a design session facilitated by Picsart, a longtime customer of EasyDMARC, younger students were seen actively collaborating with older classmates on digital design projects.  It was inspiring to see such effortless teamwork at play, and an honor to share my experience in scaling hypergrowth companies at the American University of Armenia to a highly educated class of international graduates. The encounter once more reminded me of the importance of educating and nurturing the minds of future generations. Throughout my career, I have always emphasised the importance of being a team player. Indeed, cyber security is very much a collective effort–supporting organizations through their digital transformation while helping them learn to protect themselves is no small feat.  Conferences provide the ideal environment for attendees to explore the wider threat landscape, delivering valuable insights that benefit the entire DMARC community. We recognize that everyone’s time is precious, which is why at EasyDMARC, we focus on authentic conversations about the genuine value we bring to customers and partners across the entire security and deliverability ecosystem. I have been fortunate enough to attend RSAC Conference for more than a decade, and 2025 marks the first year of EasyDMARC’s participation at the world’s largest cyber and information security event, which attracts 40,000-plus attendees to San Francisco.  In a rapidly developing and economically-driven world, this year’s conference theme, “Many voices, One Community,” perfectly captures our collaborative spirit. Beyond our strategic booth location near the North Expo entrance, the EasyDMARC team has already received numerous invitations to participate in and contribute to various partner and government-led initiatives that emphasize meaningful engagement. I regularly hear about the budgetary pressures organizations face during a time when threats are constantly evolving. Whilst directives and regulations, such as PCI DSS v4.0 in the payments sector, may drive compliance, it’s imperative that customers make educated investment decisions with regards to their security poster prior to compulsory deadlines to best serve their customers and partners. At EasyDMARC, we pride ourselves on delivering intelligent research to drive more accurate decisions. That’s why we’ve recently added several new reports to the resource section of our website. And while our recent research suggests that DMARC adoption is improving, it’s clear that proper enforcement is lacking.  With the recent re-launch of our EasyDMARC Academy, which offers an innovative, online module for DMARC certification, we aim to help educate the rapidly growing DMARC community on the benefits of effective DMARC deployment. As more than five million cyber security roles remain vacant globally, it is clear we cannot solely rely on AI to close the skills gap in an increasingly technology-driven world. Further support is also available through our new Partner Portal to help our partners scale their skills with content to drive wider global engagement.  As you can see, collaboration is very much in our DNA at EasyDMARC. If you are attending RSAC Conference this week, we’d love to meet you and chat face-to-face. Stop by our booth, #4529, located in the North Hall, to see how we are truly delivering a bright future for domain and email security. You may even hear the new verb, “EasyDMARC it.” The post The Power of Collaboration  appeared first on EasyDMARC.

This morning started with a call from a friend – clearly shaken. He had just received an alarming email that looked strikingly legitimate. Unsure whether it was safe or a scam, he reached out to me for help verifying its authenticity. What followed was a deep dive into the message to determine whether it was a genuine communication or a cleverly crafted phishing attempt. The email was convincing enough to create real concern, and that’s what makes this story worth sharing. This was the email: The email claimed that a subpoena had been issued by law enforcement requesting the extraction (access/download) of the contents of his Google Account. What made the situation even more alarming was that the email appeared to come from a legitimate Google no-reply address. On the surface, everything looked clean – no typos, no odd links, and the sender domain seemed genuine. But something felt off, and that gut feeling is often your first line of defense. Ready to secure your email? Get started now! Digging Deeper: Investigating the Suspicious Email Curious and concerned, I examined the email headers and link previews in a sandbox environment, a secure setup isolated from production systems, specifically designed for this kind of research. On the surface, everything appeared to check out: The sender address looked like an official Google no-reply domain The branding and language were polished and professional There were no obvious grammar issues or suspicious attachments. But as we know, phishing campaigns have gotten much more sophisticated. So, I dug into the email headers, checking the SPF, DKIM, and DMARC authentication results. That’s when the red flags began to appear. Important Reminder: Don’t Engage with Suspicious Emails Never click on links or follow instructions in suspicious emails, no matter how legitimate they may seem. Even opening a link or downloading a file could trigger malicious scripts or redirect you to phishing sites designed to steal your credentials. If you’re unsure, leave the investigation to professionals who can safely analyze the message in a sandboxed environment.. Interacting with a malicious email outside of such an environment could result in: Loss of sensitive data Business Email Compromise (BEC) Account takeovers Wider network breaches When in doubt, don’t click – report and escalate. Here is the URL from that email:https://sites.google.com/u/34961821/d/1XMIxkFiq54WpH2tKqay2EPnhN0Ukovet/edit  This redirects to the Google account login page if you are not logged in : After logging in, or if you are already logged in, it sends you to the Google Sites page.  Here’s something critically important to understand: This is not a real Google support page. It’s not a Google sign-in page. It’s not any official Google property in the traditional sense. Instead, it’s a regular Google Sites page, a free tool anyone can use to build a website. In this case, cybercriminals used it to create a page that mimics an official Google support case, complete with convincing visuals and language. Because it’s hosted on a trusted google.comsites.google.com), many users let their guard down. But don’t be fooled – just because the domain looks legitimate doesn’t mean the content is. Start Email Security Check What Google Sites Is Used For Google Sites serves as a practical tool for various purposes, including: Internal team pages (like company intranets or project dashboards) Documentation hubs Event landing pages Personal portfolios or school projects Simple public websites You can create a site by dragging and dropping content blocks (text, images, videos, Google Docs, etc.), and it’s tightly integrated with other Google Workspace tools. When Trusted Infrastructure Becomes a Threat: Google Sites Abuse Google Sites, originally launched in 2008, is part of Google Workspace and allows any authenticated user to create a custom website hosted under the sites.google.com domain. It’s widely used for internal and public-facing content due to its ease of use, zero cost, and native integration with Google products. However, that same convenience is now being weaponized by attackers. Why it’s dangerous: Anyone with a Google account can create a site that looks legitimate and is hosted under a trusted Google-owned domain. There’s no need for custom hosting or domain registration, and attackers benefit from Google’s SSL certificates and brand reputation. Attackers can embed deceptive content (fake login screens, credential harvesting forms, misleading CTAs) under a domain that would normally pass casual user trust and even automated link validation checks. Now let’s take a closer look at the key elements that make this scam so deceptive. How the Attacker Performed a DKIM Replay to Spoof Google This attack was a confirmed DKIM Replay Attack where a spoofed message appeared to be from [email protected], had passed DKIM and DMARC, and was delivered to a Gmail inbox. Below is a step-by-step explanation of exactly what the attacker did, from start to finish — including all infrastructure involved. Step 1: Attacker receives a legitimate email from Google The attacker first received a real email from Google, originating from [email protected]. It included a valid DKIM signature: DKIM-Signature: d=accounts.google.com; s=20230601; bh=a+1bch/… The attacker then extracted and saved this exact email, including headers and body, without modifying anything signed by DKIM. Step 2: Attacker prepares to replay the signed message DKIM (DomainKeys Identified Mail) works by applying a digital signature to specific headers and the body of the email when it is first sent. This signature is generated using the sender’s private key and is attached as a header in the email itself. When the message is forwarded, the original DKIM signature usually remains untouched as long as the email content and headers covered by the signature are not modified. Since forwarding services often preserve the original message as-is (especially in cases like aliasing or server-side forwarding), the DKIM signature remains valid and can still be verified using the sender’s public DNS record.  dkim=pass  Step 3: Attacker sends the email from Outlook The attacker used an Outlook account ([email protected]) to send the spoofed message. Outbound hop: Server: LO3P265CU004.outbound.protection.outlook.comIP: 40.93.67.3 In another example, the origin of the email is Google’s notification service. The email flow is described in the attack reproduction section at the end of this article. Step 4: Message is relayed through Jellyfish SMTP Microsoft then hands the message over to a custom SMTP service: Relay: asp-relay-pe.jellyfish.systemsIP: 162.255.118.7 This system acts as a middle relay, distancing the spoof even further from Google. It’s not affiliated with Namecheap or PrivateEmail. Step 5: Message forwarded via Namecheap’s PrivateEmail The message is then received by Namecheap’s mail infrastructure (PrivateEmail), which provides mail forwarding: Systems involved: mta-02.privateemail.com DIR-08 fwd-04.fwd.privateemail.com fwd-04-1.fwd.privateemail.com During this phase: A new DKIM signature is added: DKIM-Signature: d=fwd.privateemail.com; l=52331; The body beyond 52KB is not signed, but this DKIM is not aligned, so it’s not used for DMARC. SPF passes due to rewritten Return-Path, but is also not aligned. However, since the original Google DKIM is untouched and aligned, DMARC still passes. Step 6: Final delivery to Gmail Final delivery is handled by: Sender: fwd-04-1.fwd.privateemail.com (66.29.159.58)Recipient MX: mx.google.com At this point, the email reaches the victim’s inbox looking like a valid message from Google, and all authentication checks show as passing: SPF=pass (via forwarder) DKIM=pass (from Google) DMARC=pass (based on aligned DKIM) Final SMTP Hop Breakdown: When a Fake Subpoena Becomes an Attack Vector Fake subpoena emails are especially dangerous because they trigger fear, urgency, and confusion. Most people don’t know precisely how subpoenas work, so when an email looks official and mentions legal action, it’s easy to panic and click without thinking. To clarify, a subpoena is typically issued by: A court A lawyer (in civil cases) A government agency (in administrative cases) A subpoena can require someone to: Appear in court Provide documents or evidence Testify at a deposition or trial Serving a Subpoena The subpoena must be formally served to the person or entity. Common methods include: Personal Service (most common and preferred) A process server or law enforcement officer physically hands the subpoena to the individual. Required in most cases to ensure proper delivery and acknowledgment. Mail or Email (only in some cases) Some jurisdictions or situations (especially civil subpoenas) allow service by certified mail or email, but only with prior consent or court approval. In such cases, the subpoena should be delivered in an encrypted way using the company’s official email address. It’s never delivered through third-party platforms. A Registered Agent (for companies) If the subpoena is for a business, it’s often served to their registered agent (a person or service officially designated to receive legal documents on the company’s behalf). Knowing how real subpoenas are issued and delivered can help you spot red flags. Phishing threats are evolving, no longer marked by broken English and sketchy URLs. Today’s attacks often come cloaked in legitimacy, sometimes even using platforms like Google Sites to mimic real support cases. As we saw in this real-world example, even the most tech-savvy users can be caught off guard. The Takeaway? Always question unexpected emails, especially those urging urgent action or containing links to login pages. Just because something looks like it comes from Google (or any other trusted source) doesn’t mean it’s safe. When in doubt, don’t click, don’t reply, and don’t engage. Escalate to your security team or a professional who can handle the investigation in a secure, sandboxed environment. I’m interested in seeing more real-life examples. Do you have any notable cases to share? Start DMARC Journey We Have an Update: Reproducing the Attack We have dived deeper and successfully reproduced the attack: In the first step, the attacker registered a domain via Namecheap. We observed the attack originating from the following domains, which have now been taken down: googl-mail-smtp-out-198-142-125-38-prod.net wd-00000000000097d33d0631f6fe58-goog-ssl.com On the second step attacker registered a free PrivateEmail via Namecheap. me@googl-mail-smtp-out-198-142-125-38-prod.net On the third step they registered a Google Workspace account (free trial) and verified the domain via the DNS TXT record. You need to register it in the google to be able to move to the next steps. In the next step, they created a Google OAuth app and granted the access to that account. Here’s the twist: Google sends the alert or notification to the privately registered email address, where the domain is verified but uses different MX records than Google’s (specifically, Namecheap PrivateEmail). And most importantly, the key trick is that you can put anything you want in the App Name field in Google.: The alert goes directly to the Namecheap account, which has some very interesting “capabilities.”. You can create conditions and put no-reply@google account as From address and the reply address can be anything: the forwarding rule will direct the email to the desired addresses: It is clearly visible from Resent-From and Redirected-From headers: Here is the result: The other details have already described. Frequently Asked Questions What is a DKIM replay attack? A DKIM replay attack is when an attacker captures a legitimate email with a valid DKIM signature and re-sends (replays) it to new victims. Since the body and signed headers remain unmodified, the DKIM signature still validates, making the spoofed email appear authentic. Can SPF or DMARC prevent DKIM replay attacks? Not reliably. 1. SPF validates the MAIL FROM domain and sending IP, which often won’t align during a replay.2. DMARC relies on alignment between SPF or DKIM and the Header From. If DKIM is aligned (as in this case, google.com), and still valid, DMARC can pass, even though the message is replayed from an attacker’s server. Why are DKIM replay attacks hard to detect? DKIM replay attacks are hard to detect because the message appears unmodified, with a valid DKIM signature and even a DMARC pass. If you rely on the email body or DKIM signature verification you may not see anything suspicious. The attack relies on trust in previously signed content, not on breaking cryptography. How did the attacker bypass detection using Google OAuth? The attacker created a malicious Google OAuth app, naming it something like “Google Support.” They inserted phishing content and links into the App Information which includes manually cloned Google support page hosted on sites.google.com.Google generated a valid security alert from [email protected] when access was granted, which the attacker then forwarded to the victim.The forwarded email looked like it came from Google and passed DKIM/DMARC, giving it credibility. What are the most effective ways to be cautious and reduce the risk of DKIM replay attacks? Rotate DKIM Keys FrequentlyRaise User Awareness 1. Encourage caution when clicking on links, even if the sender looks familiar.2. Remind users to check URLs carefully before entering any credentials.3. Share examples of phishing tactics like urgent language, fake legal notices, or account alerts.4. Promote a culture of reporting. If something feels off, it’s always worth flagging.

DKIM (DomainKeys Identified Mail) is an email authentication method that helps verify that an email wasn’t altered during transmission. It works by adding a digital signature to email headers using cryptographic techniques – the sending server signs outgoing messages with a private key, while receiving servers verify these signatures using a public key published in the sender’s DNS records. DKIM serves as a critical component of DMARC. When combined with SPF, DKIM helps DMARC further authenticate emails, protecting domains from spoofing and phishing attacks. However, proper DKIM implementation can be challenging, especially for those who are just getting started with DMARC protocols. That’s where DKIM selectors come in. They allow organizations to manage multiple authentication keys, simplifying deployment across different email services and departments while maintaining strong security practices. Take a look at our DKIM Lookup tool to easily verify digital signatures and the integrity of incoming emails. What is a DKIM Selector? A DKIM selector is a string that identifies a specific DKIM public key for a domain. They allow organizations to use multiple DKIM Key records for a single domain, enabling different departments or services to send authenticated emails. They work by linking each DKIM signature to its corresponding public key, helping receivers locate the correct key during authentication. For example, marketing emails might use the “mkt” selector while automated notifications use the “alert” selector, letting both departments send authenticated emails from the same domain. A selector appears as the “s=” tag in the DKIM signature header field (e.g., “s=mkt”) in the email header, directing the receiving server to check the specific DNS record (like mkt._domainkey.example.com) for the matching public key. The receiving server uses a selector to locate and retrieve the public key to verify that the specified outgoing message is authenticated and not altered along the way. Can I Have Multiple DKIM Selectors? Absolutely. As many organizations tend to use multiple Email Service Providers (ESPs) and third-party services for their email strategies, each service can have separate DKIM signatures identified with unique selectors so that the signing and verifying processes for one service doesn’t interfere with another. Say your organization uses GSuite, Sendgrid, and MailChimp. Each server provides its own DKIM Signature, which can be differentiated with a selector. For example: Google’s default DKIM selector is:google._domainkey.[yourdomain.com] containing DKIM Public Signature (where “Google” is the selector) Sendgrid’s default DKIM selector is: s1._domainkey.[yourdomain.com] containing DKIM Public Signature (where “s1” is the selector) MailChimp’s default DKIM selector is: k1._domainkey.[yourdomain.com] containing DKIM Public Signature k2._domainkey.[yourdomain.com] containing DKIM Public Signature (where “k1” and “k2” are the selectors) Why Do We Need Multiple DKIM Selectors, and How Do We Use Them? Multiple selectors enable email stream segmentation, allowing different departments or services to use their own keys. For example, you could use one selector for internal emails and another for, say, marketing emails. Having multiple selectors also enables third-party integrations, allowing each service provider to use a unique selector, which ensures that emails from different platforms authenticate correctly without error. This setup also aids in troubleshooting by allowing the user to quickly identify which specific key was used for each stream. Overall, using multiple selectors means more flexibility, security, and control over email processes. How to Use a DKIM Selector Generate a DKIM Key Pair: Create a private and public key pair using our DKIM tool. The private key signs your emails, while the public key is published in your DNS records for verification. Choose a DKIM Selector: Select a unique and descriptive name for your selector, such as “marketing2025” or “internal1.” This selector helps identify which key was used to sign an email. Publish the Public Key: Create a TXT record in your DNS with the format “selector._domainkey.yourdomain.com” and include your public key in the value field. Configure Your Email Server: Set up your email server to use the chosen selector for signing emails. Who Provides the DKIM Selector? It mainly depends on the source. If you’re using ESPs and third-party services, they usually have official documentation on how to implement a DKIM Signature. For some sources, it is possible to pick a custom “selector”, while with others, default and in-built selectors are used. Some sources, like Office365 and MailChimp, follow DKIM security best practices, requiring organizations to publish multiple selectors and DKIM records to support automated DKIM key rotation, achieved with CNAME records. At EasyDMARC, we provide more than 1,000 identified email vendors and configuration guides for both SPF and DKIM. With our DKIM lookup tool and DKIM record generator, getting started is easy, accurate, and secure. How Can I Find My DKIM Selector? The simplest way to find your DKIM selector is to send an email to yourself and look at the email headers. In Gmail, click ‘Show original’ Search for ‘DKIM-Signature’ to find the DKIM Signature applied to the email There will be cases where you may find multiple DKIM Signatures applied to your message. In this case, make sure you find the one that contains your domain name, applied in (d=yourdomain.com) tag. So if you don’t find any DKIM-Signature header, or you don’t find any DKIM-Signature that matches your domain name, additional steps need to be taken from your ESP side with DKIM configuration and implementation steps. You can read our article on DMARC Alignment on our website. Without inspecting email headers, and if properly authenticated, you will easily find your DKIM Signature selectors in your EasyDMARC dashboard. Implement DKIM, Protect Your Email Inspecting and verifying your DKIM signature is essential for debugging DKIM issues. Properly configured DKIM is critical for your DMARC enforcement journey, as improper setup can lead to rejected emails, increased spam filtering, damaged sender reputation, and vulnerability to spoofing attacks. DKIM selectors are key for managing multiple authentication keys across different email services, providing necessary flexibility while adding configuration complexity. The interplay between DKIM, SPF, and DMARC creates robust protection, but requires technical expertise to implement correctly. EasyDMARC simplifies this process with specialized tools including our DKIM Lookup for configuration analysis and DKIM Validator for pre-deployment testing. Our platform streamlines DMARC implementation with guided setup, automated policy recommendations, and intuitive reporting dashboards that transform complex authentication data into actionable insights, helping organizations of all sizes secure their email communications effectively. The post What is a DKIM Selector and How Does it Work? appeared first on EasyDMARC.

 RSAC 2025 Conference, San Francisco, 21st April – EasyDMARC, a leading provider of email authentication solutions, today announced it will be exhibiting at RSAC 2025 Conference in San Francisco. The company will be available at Booth #N4529 (North Expo) to demonstrate how businesses, MSPs, and channel partners can simplify compliance, strengthen their email security posture, and accelerate adoption of standards like DMARC, SPF, and DKIM. With increasing enforcement from providers like Google, Yahoo, and Microsoft Outlook, organizations are under more pressure than ever to adopt robust email authentication protocols. EasyDMARC’s platform helps enterprises and SMBs protect their domains from phishing, spoofing, and impersonation, while also aligning with evolving compliance mandates such as the PCI DSS v4.0.1 payment regulation. Gerasim Hovhannisyan, CEO and co-founder of EasyDMARC said: “Exhibiting at RSAC Conference for the first time is an exciting milestone for us. The conference is a great opportunity to connect with like-minded security leaders, while contributing to a stronger, more resilient cybersecurity ecosystem. Security standards are evolving quickly but adopting them shouldn’t be a burden. We are here to show that email and domain security should be fast, risk-free, easy-to-use and reliable as we build the world’s largest DMARC community. At RSAC Conference, EasyDMARC will unveil new integrations designed to enhance partner enablement and customer onboarding. The company will also launch its new bi-annual The EasyDMARC 2025 DMARC Adoption Report, offering a clear view of progress made in helping businesses understand what’s needed to take the next step toward meaningful, sustainable email and domain protection. As awareness of authentication best practices grows, EasyDMARC continues to expand its partner ecosystem. The company is on track to double its MSP and channel footprint in 2025, leveraging recent integrations with ConnectWise, HaloPSA, Pax8, whilst building on our strategic partnership with Guidepoint Security. “ Visitors to Booth #N4529 will also have the opportunity to: See a demo of EasyDMARC’s security platform in action. Gain clarity on the latest email authentication requirements from Google, Yahoo, and Microsoft Outlook, and how organizations need to be aware of new regulations and directives such as PCI DSS V4.0.1,  for changes. Be among the first to access EasyDMARC’s new DMARC Adoption Report. Explore MSP and partner opportunities. Meet and speak directly with EasyDMARC’s product experts and leadership team. To schedule a demo or connect with EasyDMARC at RSAC Conference, visit here: https://easydmarc.com/blog/event/rsa-conference/  About EasyDMARC EasyDMARC is a cloud-native B2B SaaS that solves email security and deliverability challenges in just a few clicks. With advanced tools, including its AI-powered DMARC Report Analyser, DMARC, SPF, DKIM cloud management solutions, and email source reputation monitoring, EasyDMARC helps customers protect their domains and maintain strong email health. For Managed Service Providers (MSPs) seeking to grow their business, EasyDMARC offers a powerful platform for streamlining domain management with features like organisational control, domain grouping, and access management. A comprehensive sales and marketing enablement programme further supports MSPs in elevating DMARC sales. The platform is scalable and available with flexible, pay-as-you-go pricing. The post EasyDMARC to launch new DMARC Adoption report at  RSAC™ 2025 Conference appeared first on EasyDMARC.

Despite the proliferation of messaging platforms, email remains the number one communication and verification method worldwide. In 2024, there were 4.48 billion email users worldwide, accounting for 56.8% of the world’s total population with projections indicating annual growth. Unfortunately, due to its popularity, email communications have long attracted a nefarious crowd: the cybercriminal. Despite long-established countermeasures, email-based threats have only intensified, both in sophistication and frequency. In a report published by Cybercrime Magazine, researchers found that ransomware attacks occur every two seconds, placing annual damage cost projections at $57 billion for 2025 – approximately $4.8 billion monthly. Phishing remains the most common form of cyber crime, with an estimated 3.4 billion spam emails sent every day.  But phishing isn’t the only way cyber criminals gain access to sensitive information. According to IBM, Business Email Compromise (BEC) attacks are the second most expensive type of security breach, costing an average of $4.89 million annually. Given the substantial damage these attacks can cause, it’s crucial for users to equip themselves with the proper tools to combat such threats. Email security protocols are designed to protect against these threats by verifying sender authenticity, encrypting content, and filtering out malicious messages. The good news is that most major email providers automatically implement these protocols to protect their users.  However, if you use an Email Service Provider (ESP), your DMARC responsibilities depend on your setup: Sending from your own domain: You’re responsible for publishing DMARC, SPF, and DKIM DNS records. While your ESP provides the necessary DKIM key and SPF include statement, you must add these to your domain’s DNS and create/manage your DMARC policy record yourself. Using ESP’s domain: The ESP handles all DMARC management for their domains—no setup required from you. DMARC requirements: Major providers like Google and Yahoo now require DMARC for bulk senders to ensure deliverability and prevent email spoofing. EasyDMARC offers a streamlined way to implement comprehensive email security, providing protection against spoofing, phishing, and other email-based attacks. Secure Your Email Domain Now What are Email Security Protocols? Email security protocols are configurations that help keep email communications safe. Let’s take a look at some of the most common ones: DMARC SPF DKIM MTA-STS TLS-RPT S/MIME BIMI ProtocolPurposeHow it WorksSPFValidates authorized sending IPsPublishes allowed IPs in DNS, mail servers verify before acceptingDKIMVerifies email content integritySigns message headers with a private key, verified with public key in DNSDMARCTies SPF and DKIM results, provides reportingInstructs receivers what to do if authentication failsMTA-STSForces TLS encryption for incoming emailsPublishes a policy in DNS, rejecting non-TLS mail serversTLS-RPTMonitors email encryption issuesSends reports if email encryption failsS/MIMEEncrypts email body and attachmentsUses digital certificates for encryption and signingBIMIShows logo in inboxes after DMARC passRequires strong authentication and displays brand logo What is DMARC? DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that helps protect organizations and their recipients from fraudulent emails. Since its initial introduction, it has become a fundamental domain security tool and a global authentication standard. It works by utilizing SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) to determine the authenticity of a message. For Managed Service Providers (MSPs), implementing DMARC for MSP clients provides critical security value. A regular DMARC lookup process allows MSPs to monitor client domains, prevent email spoofing, and enhance overall security posture.  DMARC ensures that only authorized senders can use your domain, safeguarding your organization’s reputation and protecting clients and partners from fraudulent emails that appear to come from your email address. It is crucial for defending your domain against phishing and spoofing attacks. Additionally, DMARC reports offer insights into how your domain is being used and help you detect unauthorized activities before they become serious threats. What is SPF? SPF (Sender Policy Framework) is an email authentication protocol that lets domain owners specify which IP addresses are authorized to send emails on their behalf. It prevents spoofing of the RFC5321.MailFrom (Return-Path) address by publishing a DNS record listing these IPs, and receiving servers can validate the sending IP against the SPF record. SPF results alone usually do not cause direct rejection; instead, they contribute to the overall authentication evaluation (especially when combined with DKIM and DMARC) and may influence spam filtering decisions. For maximum protection, SPF is often implemented alongside DKIM (DomainKeys Identified Mail), which provides cryptographic verification that messages haven’t been altered in transit. What is DKIM? DKIM is a protocol that allows domain and organization owners to send authenticated or signed emails. This verification is made possible through cryptographic authentication. It allows the recipient server to verify that the content of the original message was not altered in any way, ensuring that an email was properly signed and remains unaltered. It works in tandem with SPF to provide the maximum protection for your domain, ensuring deliverability and helping to reduce the risk of phishing attacks. What is MTA-STS? MTA-STS (Mail Transfer Agent Strict Transport Security) is a mechanism that enforces TLS, an email encryption protocol, for inbound email delivery to a domain. It allows mail servers to securely communicate by ensuring messages are transmitted over an encrypted connection, thereby mitigating risks such as man-in-the-middle attacks. In 2019, Google became the first major email provider to adopt the new MTA-STS policy, which ensures all inbound emails come through the Transport Layer Security (TLS). This policy complements and strengthens STARTTLS, which is a command that allows mail servers to upgrade an SMTP (Simple Mail Transfer Protocol) connection to a secure, encrypted one. The issue with STARTTLS is that it is vulnerable to downgrade attacks and lacks mechanisms for strict enforcement or sender authentication, making it optional and insecure in certain scenarios. The MTA-STS policy aims to prevent attackers from tampering with email content or sending the communication to another address. Unlike STARTTLS, MTA Strict Transport Security always keeps TLS on. It tells external servers that your email server only accepts email delivery through a secure connection. What is TLS-RPT? TLS Reporting (TLS-RPT) is a protocol that allows email domains to receive reports about the success or failure of TLS encryption during email transmission, providing insights into potential security issues when emails are sent to a domain. Like DMARC reports, TLS reports detail failed SMTP connections and explain why they happened. These failures occur for three reasons: Failed TLS negotiation DNS-related issues MTA-STS problems Also like DMARC reports, TLS reports are delivered to a particular URI (Uniform Resource Identifier) or email address set up via a DNS TXT record. While other protocols focus on authentication and preventing spoofing, TLS-RPT is used specifically to help ensure that the transport encryption layer is working properly, protecting message confidentiality during transmission. What is S/MIME? S/MIME (Secure/Multipurpose Internet Mail Extensions) provides end-to-end encryption and digital signatures for email messages. Unlike SPF, DKIM, and DMARC, which focus on server-level authentication, S/MIME operates at the individual message level. Key features of S/MIME include: End-to-end encryption: S/MIME encrypts the actual content of email messages, keeping them private even if intercepted during transmission. Only the intended recipient with the correct private key can decrypt and read the message. Digital signatures: S/MIME allows senders to digitally sign their messages, verifying their identity to recipients and ensuring the message hasn’t been tampered with during transit. Certificate-based: S/MIME relies on public key infrastructure (PKI) and digital certificates issued by trusted Certificate Authorities (CAs). Each user needs their own certificate containing their public key. Client-side implementation: Unlike server-based protocols, S/MIME typically requires configuration on the email client (like Outlook, Apple Mail, etc.) rather than at the mail server level. What is BIMI? BIMI (Brand Indicators for Message Identification) is a visual trust indicator that allows domain owners to display their verified brand logos in supporting inboxes after passing DMARC authentication. That way, your customers can be sure that your emails are legitimate. BIMI is built on the DMARC standard for verifying email. Before you send an email to your recipients’ inboxes, your email provider verifies it against the sender’s DMARC record within the message to confirm that it’s legitimate. Resources like BIMI record checks allow users to validate their BIMI record to ensure customer trust. Why are Email Security Protocols Important? Email security protocols, like the ones discussed above, are vital in combating email-related attacks. As such, major email providers including Google, Yahoo, Microsoft, and Apple have begun to require certain authentication protocols like SPF, DKIM, and a proper DMARC setup to protect users from spam, spoofing, and phishing, help keep user data safe, and preserve their brand reputation.  While these major platforms simply require base-level implementation — meaning a DMARC record with at least a p=none policy — this is just the monitoring mode of DMARC and represents the first step in a domain’s DMARC journey. For the highest level of projection against email-based attacks, it is recommended that users implement a policy of p=reject in order to instruct email receivers to outright reject emails that fail DMARC checks.  What are Phishing and Spoofing? Phishing Phishing is a social engineering tactic in which hackers send emails or other messages pretending to be from reputable sources in order to get individuals to share sensitive and personal information. Since the mid-1990s, cybercriminals have used phishing attacks to steal credentials, financial information, and confidential business data, which often results in financial losses and reputational damage. Phishing remains the most prevalent cyber threat worldwide, accounting for the majority of security breaches, and is often the entry point for ransomware and BEC scams.  Spoofing Spoofing is a type of cybercrime in which spam emails are sent using the identity of a trusted company or individual. Bad actors send fake emails that appear legitimate so they can trick victims into sharing sensitive details or downloading malware-infected files. Cybercriminals use email spoofing for many reasons, including: Hiding their identities Avoiding a spam blocklist Damaging a brand’s image Doing personal damage Requesting transfers of money Tricking victims into submitting sensitive details like passwords and login credentials Fraudulently gaining a target’s financial details or OTPs How are Phishing and Spoofing Connected? Phishing attacks are successful because they often use emails designed to look legitimate and appear to come from a trusted sender. These cyberattacks exploit human nature, incorporating elements of urgency, fear, or excitement.  For example, a phishing email might look like an urgent bank message saying your account has been compromised and you need to submit your login credentials. It could also seem like communication from your boss requesting sensitive info or an email saying you’ve won something and need to click on a malicious link (disguised as a genuine one). You can avoid phishing attacks by checking if an email is sent from an authentic and credible domain. Other factors like misspellings, unrequested or unidentified links and files, unusual requests, etc., are red flags too. On the other hand, spoofing involves disguising illegitimate communication as legitimate. Bad actors use anything from email addresses and phone numbers to domain names and websites. In email spoofing, they usually send emails from a typosquatted or extended email domain. Typosquatting is a cybercrime where malicious actors register domains with deliberate misspellings to lure victims into clicking a corrupt link or sharing crucial details, for example, using amaz0n.com instead of amazon.com.  Phishing and spoofing are often used interchangeably because they work hand in hand to create a believable email that appears to come from a legitimate source. Hackers use email spoofing tactics to conceal phishing attempts and fool recipients. Which Security Protocols Help Prevent These Attacks? DMARC, DKIM, and SPF all specifically help prevent spoofing and phishing. By correctly implementing these protocols, users can correctly authenticate, verify, and monitor email communications. Email Security Protocols Protect Your Brand Many organizations view security measures as obstacles that slow down operations and create friction in communication channels. When it comes to email security protocols, there’s often hesitation due to perceived implementation complexity and concerns about potential delivery disruptions. However, this short-term thinking ignores the substantial consequences of email-based attacks. A single successful phishing campaign or domain spoofing incident can lead to data breaches costing millions, regulatory penalties, and most devastatingly, the erosion of customer trust that may have taken years to build. The reputational damage from compromised email channels far outweighs any temporary inconvenience during security implementation. In fact, 86% of customers are willing to pay more for companies they trust, while one-third of consumers will abandon brands they love after just one bad experience.  When customers receive fraudulent emails appearing to come from your domain, they don’t blame the cybercriminals – they question your organization’s commitment to security. Modern email authentication protocols not only prevent these incidents but have become streamlined enough that implementation no longer significantly impacts operations, making the argument against email security implementation obsolete. Protecting Your User’s Data is Critical The landscape of data leaks has evolved into a persistent threat for businesses of all sizes. According to IBM’s Cost of a Data Breach Report 2023, the global average cost of a data breach reached $4.45 million, a 15% increase over three years. These financial impacts extend far beyond immediately fixable costs. When MGM Resorts experienced a massive breach in September 2023, they reported losses exceeding $100 million from operational disruptions alone, while T-Mobile’s 2021 breach resulted in a $350 million settlement after exposing data from 76.6 million customers. The repercussions of data leaks stretch well beyond financial statements. Perhaps most concerning is the long-tail effect – businesses typically don’t discover breaches for an average of 277 days, allowing attackers extensive access to sensitive systems. Email security protocols are the critical first line of defense against these devastating scenarios. Given that approximately 90% of data breaches begin with phishing emails or business email compromise, implementing robust authentication standards like DMARC, SPF, and DKIM serves as a foundational security measure.  These protocols help prevent attackers from impersonating legitimate domains, blocking one of the most common entry points for data theft. By verifying sender legitimacy and ensuring email integrity, these standards significantly reduce the risk of employees or customers falling victim to sophisticated phishing attempts that often initiate the chain of events leading to catastrophic data exposure. Implementing Email Security Protocols can be Easy Email security protocols like SPF, DKIM, DMARC, TLS-RPT, MTA-STS, S/MINE, and BIMI form the foundation of modern communication security. As we’ve seen, email remains the primary communication and verification channel worldwide, with billions of users depending on it daily. As such, email is an attractive target for cybercriminals employing increasingly sophisticated phishing attacks, spoofing, and fraud schemes. Implementation of these critical protocols doesn’t have to be complex or disruptive when approached proactively. DMARC solutions for businesses are a great way to ensure proper execution of these measures. At EasyDMARC, we offer a comprehensive platform specifically designed to simplify email security implementation. Our solution provides automated setup, continuous monitoring, and real-time reporting to ensure your domain remains protected without burdening your IT resources. Whether you’re managing a small business email server or enterprise-level communications, our intuitive dashboard and expert support make maintaining robust email security accessible for organizations of all sizes. As we look to the future, email-based threats will only become more sophisticated, leveraging advanced AI and social engineering techniques to bypass traditional security measures. The rise of deepfakes and machine-learning powered impersonation attacks means that yesterday’s security approaches are insufficient for tomorrow’s threats. By implementing comprehensive email security protocols now, organizations establish a critical first line of defense against evolving threats.  With EasyDMARC’s continuous updates and proactive security approach, businesses can stay ahead of emerging vulnerabilities, preserve their brand reputation, and ensure the integrity of their most important communication channel.  The post Email Security Protocols and Why They’re Important appeared first on EasyDMARC.

The Adoption Report 2025 by EasyDMARC In our 2025 DMARC Adoption Report, we examined DMARC adoption across the 1.8 million most-visited domains worldwide. Though adoption is growing—spurred by new email provider requirements and regulations—our research reveals a critical protection gap. Most domains have implemented DMARC but lack the enforcement policies and reporting configurations necessary for actual security. Sign Up for Early Access Available May 2025 Inside This Report Adoption trends: The significant growth in DMARC implementation Implementation gaps: Why most domains remain exposed despite having records Missing visibility: How 70% of organizations lack crucial reporting configurations Action plan: Moving from basic compliance to effective protection Why This Matters Now Major email providers have implemented strict authentication requirements affecting all organizations sending bulk emails. Our report provides the strategic guidance needed to protect your domain reputation while ensuring email deliverability. Available May 2025 Join the Waitlist! First name Last name Email Job Title Company Name Phone Number Reserve Your Copy The post The Adoption Report 2025 by EasyDMARC appeared first on EasyDMARC.