91% OF ALL CYBER CRIMES BEGIN WITH AN EMAIL. Properly implemented email security is the key step in protecting your company and users from cyber attack via email. Critical to email security is email authentication. Email authentication helps to improve the delivery and credibility of your emails by proving that an email is not forged. In other words, it provides a way to verify that an email comes from who it claims to be from. Email authentication is most often used to block harmful or fraudulent uses of email such as phishing and spam.

The most commonly used email authentication standards are SPF, DKIM, and DMARC. These are acronyms for text records that specifically prove and protect a sender’s authentication.

Why do we need SPF, DKIM, & DMARC?

SPF, DKIM, & DMARC solves a somewhat different piece of the email puzzle to prevent phishing and spam. This is accomplished via a combination of standard authentication and encryption tools, such as public and private key signing, and adding special DNS records to authenticate email coming from your domains.

In the early days of the internet, email was mostly used among university researchers who knew and trusted each other. Unfortunately, those days are long gone. We need all three protocols to ensure that messages can’t be easily forged and can be blocked from ever reaching users’ inboxes. SPF, DKIM, and DMARC are difficult to configure and require careful study to understand how they inter-relate and complement each other with their protective features.

  • SPF allows senders to define which IP addresses are allowed to send mail for a particular domain.
  • DKIM provides an encryption key and digital signature that verifies that an email message was not faked or altered.
  • DMARC unifies the SPF and DKIM authentication mechanisms into a common framework and allows domain owners to declare how they would like email from that domain to be handled if it fails an authorization test.

What is SPF and why is it important?

SPF, or Sender Policy Framework, is an email validation protocol designed to detect and block email spoofing. It allows mail exchangers to verify that incoming mail from a specific domain comes from an IP Address authorized by that domain’s administrators. SPF is a “proposed standard” that helps protect email users from potential spammers. Email spam and phishing often use forged “from” addresses and domains, so publishing and checking SPF records is considered one of the most reliable and simple to use anti-spam techniques.

What is DKIM and why is it important?

DKIM, or DomainKeys Identified Mail, lets an organization (or handler of the message) take responsibility for a message that is in transit. DKIM proves three things:

  1. The contents of an email have not been tampered with.
  2. The headers in the email have not changed since the original sender sent and that there is no new “from” domain.
  3. The sender of the email owns the DKIM domain, or is authorized by the owner of that domain.

In other words, DKIM is a way to ‘sign’ an email with a digitally-encrypted signature. This signature is a header that is included in an email message.

What is DMARC and why is it important?

DMARC, or Domain-Based Message Authentication Reporting and Conformance, is an added authentication method that uses both SPF and DKIM to verify whether or not an email was actually sent by the owner of the “Friendly-From” domain that the user sees. In order for DMARC to pass, both SPF and DKIM must pass, and at least one of them must be aligned, ie, the information contained in one of the records matches the “friendly from” domain (e.g., sender@sender-domain.com) that the user actually sees and the from address that’s contained in the message’s header.

Any message that does not align is treated as phishing and is not delivered. Phishing is the fraudulent practice of sending malicious emails pretending to be someone else in an attempt to steal a user’s credit card information or other personal information. Therefore, with DMARC, you are protecting yourself.

We can help setup your email authentication.

Contact Us

Benchmark Cyber Security Managed Service

Managed Cyber Security Service

  • Protect:

    We inspect to protect by quickly assessing vulnerabilities and creating a customized protection plan.
  • Detect:

    We don’t leave you unchecked. We keep an eye on your security posture identifying potential risks in real time.
  • Respond:

    We don’t yawn, we respond. Mitigation techniques are performed to prevent expansion and to resolve the incident.
Benchmark Managed IT Service

Managed IT Service

  • Prevention:

    When prevention is key, we are your trustees. Preventative maintenance lengthens the life span of your devices reducing costs overtime.
  • Monitoring:

    We monitor your network and take out the guesswork. Enhancing network performance to keep it operating smoothly.
  • Support:

    We are your 1st resort for support. Rest assured, we are on standby for immediate assistance.

Business Continuity Planning

Business Continuity Planning
Protect your organization from the impact of disasters like the current pandemic. Covid-19 worldwide pandemic has made the need for a business continuity plan more relevant. During times like these, having a business continuity plan in place is critical. Benchmark can help you establish an online business continuity plan that contains comprehensive disaster planning and recovery processes for employees, locations, tasks, assets, vendors, insurance, and business functions - everything you need to get your business back up as fast as possible.

Contact Us

Working from Home?

Work Securely From Home

Working from home is becoming the new reality. Here are some suggestions to make you remote office setup more effective and productive. 

  • Set and keep regular office hours.
  • Plan and structure your workday.
  • Get dressed.
  • Set aside a designated work area.
  • Take breaks.
  • Avoid distractions.
  • Connect with your teammates.

Contact Us

Contact us if you need help setting up your secure remote access