[dmarc-discuss] On Inbound DMARC Support

Chris Meidinger chrismeidinger at me.com
Wed Jun 18 15:37:44 PDT 2014


Apologies for the empty message there everyone - finger slipped in just the exact wrong way while reading on phone.

> On Jun 18, 2014, at 18:32, Chris Meidinger via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:
> 
> 
> 
> Sent from my telephone. Please execute spelling errors.
> 
>> On Jun 18, 2014, at 18:06, Steven M Jones via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:
>> 
>>> On 06/18/2014 05:32 AM, Solomon, Dianne B via dmarc-discuss wrote:
>>> I learned this week that two of the major players in enterprise email security  – Proofpoint and IronMail – do not support DMARC.  Said one vendor to me, “I understand your inbound use case for DMARC, we just don’t hear it very often.”
>> 
>> BofA has been their customer since 2005, and has been asking for inbound DMARC support from Proofpoint literally for years now. Of course it took them so long to get DKIM support working properly, I suppose I shouldn't be surprised...
>> 
>> Anyway - yes, making sure your vendors hear these requests is useful.
>> 
>> 
>>> So adoption is growing – meaning more and more companies are putting the authentication tools in place to protect consumers through ISPs, but in the B2B email space, it is virtually ignored.
>> 
>> I do think DMARC has a useful role to play in the B2B space, but there's usually a more urgent case for deploying it in business-to-consumer scenarios. If you're looking for the low hanging fruit, getting your B2C mailstreams into shape for a "p=quarantine" or "p=reject" probably wins. If you have the resources and management support to pursue both in parallel, great. If you have to prioritize, I'd recommend B2C first.
>> 
>> That said, on the B2B side I always come back to an example from some years back where a large networking vendor was attacked by phishers impersonating their HR & benefits provider. It mirrors the B2C case, the consumers just happen to be employees, and it's a compelling reason to be looking for receiver-side DMARC from your vendors.
>> 
>> 
>>> Businesses rely on spam filters, and technologies like Proofpoint’s TAP, both of limited use against spearphishing and other targeted attack vectors.
>> 
>> I believe there are some announcements expected shortly, and both Symantec and Halon are already offering it as a cloud filtering service. (I think I'm forgetting another service...)
>> 
>> --Steve.
>> 
>> _______________________________________________
>> dmarc-discuss mailing list
>> dmarc-discuss at dmarc.org
>> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
>> 
>> NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
> _______________________________________________
> dmarc-discuss mailing list
> dmarc-discuss at dmarc.org
> http://www.dmarc.org/mailman/listinfo/dmarc-discuss
> 
> NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://dmarc.org/pipermail/dmarc-discuss/attachments/20140618/b8acb88d/attachment-0001.html>


More information about the dmarc-discuss mailing list