Email Authentication
The FBI’s Internet Crime Complaint Center (IC3) has released the 2023 Internet Crime Report, which is based on internet crimes reported to the IC3. In 2023, as in 2022, phishing/spoofing was the top crime reported, and investment scams were the most financially damaging. The IC3 received a record 880,418 complaints with associated record losses of more than $12.5 billion, up 10% and 22% respectively from 2022. Keep in mind that these are only reported numbers and just from the American public. 2023 Internet Crime Overview. Business Email Compromise: There were 21,489 BEC reports with over $2.9 billion in losses. The IC3 notes a trend of criminals using financial custodial accounts for crypto exchanges, third-party processors and phishing. Investment Fraud: The losses from investment scams increased from $3.31 billion in 2022 to $4.57 billion in 2023. With this 38% increase, investment fraud became the crime with the heaviest reported losses. Cryptocurrency
This article takes a look at DKIM Selectors in particular, and we explain: what DKIM Selectors are; where to find your own DKIM Selector; third-party providers and DKIM signing. How does DKIM work? DKIM (DomainKeys Identified Mail) is an email authentication method that allows an email receiver to check that an email that claimed to come from a specific domain was indeed authorized by the owner of that domain and received without any unauthorized modification to its content during transit. This is achieved through cryptographic authentication using a key pair: a private key and a public key. The Mechanics of DKIM. Digital Signature Creation: When an email is sent, the originating email server generates a unique digital signature for the message. This signature is based on the content of the email itself, including headers and body, ensuring that any alteration of the email during
Ash Morin, our Director of Deployment, joined Mailgun’s Email’s Not Dead podcast crew to discuss Google and Yahoo’s DMARC sender requirements, which they began enforcing on February 1, 2024. Ash was a guest on Email’s Not Dead S2 E7—Spoofing, Phishing and for the Love of DMARC and on S3 E5—Implementing DMARC. In S5 E4, faithful hosts Jonathan Torres and Eric Trinidad asked Ash to join them and provide an overview of what he’s seen and what he predicts with the new email authentication standards update from Yahoo and Google. “Immediately after the announcement we started getting a lot of questions coming in. Not only questions from our existing customer base, but also in ecosystems,” Ash said. “There’s been a lot of ‘what does that mean?’ And almost immediately following, they were asking, ‘does that change anything about the standards? If not, what’s my current state? Am I actually good?’ Even
In February 2024, Google and Yahoo started implementing a series of gradual enforcements for organisations that send over 5000 emails daily, also defined as bulk email senders. These enforcements are especially relevant to Domain-based Message Authentication, Reporting & Conformance (DMARC). With this initiative, Google and Yahoo intend to reduce the overall amount of spam and spoofed content sent across the internet, especially focusing on the authentication of an organisation’s email infrastructure. This move, aimed at combating spam and improving email security, involves using Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and DMARC standards. This article covers the Google and Yahoo requirement specifications and focuses on the potential impacts on European businesses. In particular, it addresses the complications of implementing DMARC across the European email ecosystem and the necessary steps to comply with the enforcement. Impact on European Email Senders: A Closer Look Popular Email Providers in Europe Challenges of
DomainKeys Identified Mail (DKIM) is an email security standard designed to help prevent email spoofing. It works by adding a “tamper-proof” seal to email messages, ensuring their authenticity and integrity. However, sometimes legitimate emails fail DKIM signature verification due to canonicalization issues, leading to email delivery problems. This article explains how to resolve these issues by adjusting DKIM canonicalization settings on your email gateway systems. Below is a representation of how DKIM works in an email infrastructure: Video: DKIM Overview. Here’s a brief DKIM overview to help you understand its role in email authentication and DMARC. Understanding DKIM Canonicalization. Canonicalization in DKIM refers to the method used to prepare an email’s header and body for signing. According to RFC 6376 Section 3.4, there are two canonicalization algorithms for header and body: simple and relaxed. The choice between these settings affects how strictly the email’s content must match the sending and
What is a PTR Record? A PTR (Pointer) record, also known as a Reverse DNS record, maps an IP address to a domain name; essentially, it’s the opposite of what an A record does in DNS. While A records are used to translate domain names to IP addresses, PTR records are used to verify that an IP address indeed corresponds to a domain name. This is a common verification step for receivers and part of many checks to determine the legitimacy of a connection’s origin, such as email servers. Why Does it Matter? PTR records hold significance for a myriad of reasons across various aspects of internet communication and network management. They facilitate smoother network operations, aid in troubleshooting, and enhance the trustworthiness of servers. However, for the purpose of this article, we will focus on their role in email security and delivery where their impact can be profound. Focusing
Google and Yahoo’s DMARC requirements will be enforced in February 2024 for higher volume senders. We have resources to help you prepare for DMARC and other sender requirements to ensure your email delivery won’t be disrupted. Why DMARC now? There are few mechanisms that prohibit bad actors from sending an email pretending to be you. DMARC is the main control for fighting domain abuse. It’s a free and open technical specification that authenticates emails with SPF and DKIM. By publishing a DMARC record in your domain’s DNS, you can fight business email compromise, phishing and spoofing. DMARC, SPF and DKIM aren’t newcomers to the email authentication scene—they’ve been around for over a decade and have grown to become a best practice. Email is involved in more than 90% of all network attacks; without DMARC, it can be hard to tell if an email is real or fake. Because of the
For those of you that use GoDaddy as your DNS provider, here are brief instructions for adding a DMARC record. If your domain has been added to GoDaddy through one of their partners, you’ll manage your DNS records through that hosting partner. Create your domain’s DMARC record. If you have already generated a DMARC record, you can verify it with our free diagnostic tool. If you need to generate a DMARC record, you can use our free DMARC Record Wizard. When you have created and verified your DMARC record, log in to your GoDaddy account. Select your domain to access the Domain Settings page. Select DNS to view your DNS records. Select Add New Record. Select TXT from the Type menu. Enter the details for your TXT record: Make sure the record Type is TXT. Name/Host is set to _dmarc. Set Value to the DMARC record generated in
A DMARC record will need to be created and published in your domain’s DNS hosting provider. Some popular hosting providers are GoDaddy, Namecheap, DNS Made Easy and Cloudflare. We have several guides listed below for many of the top hosting providers to help you with each step of publishing your record. If you do not see your hosting provider listed below, you’ll want to get the step-by-step instructions directly from your provider’s website and follow their help documentation if you get stuck. Domain Name System (DNS) is an important service for all traffic that is sent or received over the internet (email, web traffic, etc.). DNS helps provide all of our connected devices with routing directions and instructions on how to perform a specific task, such as sending an email or visiting your favorite news site. Your DMARC record will inform others how to handle email that claims to come
With Google and Yahoo transitioning several long-standing best practices to enforced sender requirements, we created the following guide to ensure you understand where you can find evidence of delivery issues and begin to understand what additional steps you need to take in order to ensure you are sending according to their guidelines. What are error codes? Email error codes and bounce strings are generated when one email server attempts delivery to another email server that results in a failure. Error codes are also commonly referred to as bounce codes, SMTP errors, or Delivery Status Notifications (DSN). You can use the messages and codes to help understand the underlying reason and attempt to troubleshoot them. Most often, the source sending emails on your behalf will have developed software to handle errors in an automated fashion for you. Where some email sources may expose these errors to you through their interface, the