Let's dive into the world of email security to unpack two powerful tools that are like knights in shining armour defending your inbox fortress: DKIM and DMARC. There's been a bit of a hullabaloo about it with a number of businesses scrambling to have their "DNS Records updated so Email will get delivered".

Whilst a number of providers gave explanations, I thought I'd throw out my two bobs worth.  That's $0.40 AUD or about $0.27 USD.

There's a couple of questions that we need answer, two of which are - What are DKIM and DMARC, and why should you care about them? 

What's the Deal with DKIM?  

DKIM, or DomainKeys Identified Mail, is like your email's secret handshake.  It's a way for email senders to digitally sign their messages, proving they're legit and not some shady imposter trying to sneak into your inbox.

Here's how it works: 

When you send an email, DKIM adds a unique signature to the message header using cryptographic keys tied to your domain name. This signature acts as a tamper-proof seal, ensuring that the email has indeed been sent from you and your domain and not someone pretending to by you.

I'm sure you've all received an email that looks like it comes from someone, the name is right, the email address is right but ... it wasn't sent by the author.  It was sent by someone impersonating them.

DKIM, with the signature that it adds to the email headers, allows mail servers to verify that the email is indeed legitimate.

But that's only half the story.  The other half is DMARC or Domain-based Message Authentication, Reporting, and Conformance. Think of DMARC as DKIM's trusty sidekick and defining how to handle email that fails the DKIM authentication checks.

When an email message is sent and the DKIM authentication fails, it's the DMARC record on your domain that tells the receiving mail server what to do with the message.

For instance, you can tell email providers to reject or quarantine suspicious emails.  This protects your Business and Brand reputation as well as protecting the recipients from phishing scams and spoofed messages.

There's another facet to DMARC though, it's not just about locking down fake email using your domain - it's also about staying informed. With DMARC reporting, you can elect to receive reports of messages that are sent by your domain and these reports provide valuable insights into who's sending emails on behalf of your domain and how they're being handled by email providers.

Why The Hullabaloo With EMail Marketing Services and The Like?

Well, let's look at this.  When we sign up for a service, we generally configure it so that can send email using our domain name.  We don't our marketing newsletter or sale confirmation EMail going out from a third party domain - that would look scammy and incredibly unprofessional.

Previously, to be able to allow a Zoho Campaigns or a Mailchimp to do this, we would allow almost any provider to send using our domain.  Sure, there were some safeguards but as we've been seeing, those safeguards were relatively easy to overcome.

Now, we create a cryptographic key for each service provider and tie that to our domain.  Only THAT service provider can use that key. Sure, it means that we need to add a domain record for each service we use, but to me that's a small price to pay for the security we get.

Why Should Businesses Care?  

It still might be clear why this is so important to your business. You might thinking, "Okay, DKIM and DMARC sound great for email security, but why should I, a busy business owner, care about all this technical mumbo-jumbo?"

 Well, my friend, the answer is simple: Your business's reputation is on the line. In today's digital age, trust is everything, especially when it comes to communicating with your customers, partners, and stakeholders.

Imagine if someone spoofed your domain to send out malicious emails, sending them to phishing scams or even just damaging the name you've been building for yourself.  That would erode the trust in your brand and get your emails sent to the SPAM folder.  

By implementing DKIM and DMARC, you're taking proactive steps to safeguard your business's reputation and protect your customers from cyber threats. You're saying, "Hey, world, we take email security seriously, and you can trust us to keep your information safe."

How DKIM and DMARC Fight Spam?

Now, let's talk about the elephant in the inbox: spam. We've all been there—scrolling through our emails, only to be bombarded by unsolicited offers, sketchy links, and Nigerian prince scams.

By ensuring that we have DKIM's digital signatures configured for our providers on our domain and DMARC's policy enforcement, spammy emails posing as your domain are swiftly dealt with, either rejected outright or relegated to the spam dungeon where they belong.

By authenticating your emails and setting clear policies, you're not only protecting yourself from phishing attacks and email spoofing but also helping email providers identify and block spam more effectively.

Wrapping It Up: Secure Your Email with DKIM and DMARC  

So, there you have it, DKIM and DMARC are your trusty companions in the battle against email threats and spam. By implementing these email security protocols, you're not only protecting your business but also building trust with your customers and partners.

Remember, in the wild west of the internet, it's crucial to fortify your defenses and stay one step ahead of the cyber threats. With DKIM and DMARC by your side, you can rest easy knowing that your email is safe and sound.

About the Author Charly Dwyer

Charly has more than 30 years experience in the IT industry ranging from hands-on technical, to high-level business management, Charly has installed and configured computing equipment and has managed business contracts in excess of $25 million dollars.

As a result, Charly identifies the best way to integrate solutions and technologies for the most cost effective way to achieve a businesses outcome.

Share your thoughts

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}