Share

Related Links

Top 5 Stories

News

Spam and phishing are growing problems: DMARC has the answer

30 January 2012

DMARC is the technical working group of 15 leading email services and technology providers working on a standard to fight ‘deceptive’ emails such as spam and phishing.

Companies involved include email providers AOL, Gmail, Hotmail and Yahoo; financial institutions such as Bank of America and Paypal; and social media companies American Greetings, Facebook and LinkedIn. “Email phishing defrauds millions of people and companies every year,” says Paypal’s Brett McDowell, Chair of DMARC.org, “resulting in a loss of consumer confidence in email and the internet as a whole. Industry cooperation – combined with technology and consumer education – is crucial to fight phishing."

Domain spoofing is one of the most-used techniques employed by spammers and spoofers. This involves forging the email header so that the message appears to come from a legitimate and trusted company, often a bank. DMARC’s purpose is to bring together leading technology companies and build on the existing anti-spam technologies (Sender Policy Framework and Domain Keys Identified Mail) to provide a global and unified response to spam and phishing. "What we need is an Internet standard that allows this level of protection to work at scale - without any discussion, without any partner agreements," McDowell said. "That is what DMARC does."

DMARC fits into companies’ existing authentication processes, and works by testing messages against what should be expected from the sender. If the message and the expectations do not align, then DMARC provides guidance on what should be done. It is currently being field-tested. Using the experience and data gathered, the organization intends to submit the specification to the IETF for standardization.

This article is featured in:
Industry News  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×