A technology aimed at blunting phishing attacks on organizations appears to be finally gaining steam a year after its introduction.
Domain-based Message Authentication, Reporting and Conformance (DMARC) is a security framework that offers a way to identify phishing messages by standardizing how email receivers perform email authentication.
Although only a year old, the technology is already protecting 60% of the email boxes in the world -- and 80% of email boxes in the United States, according to Agari, an email security company. Agari was one of the founding companies behind DMARC, along with Google, Microsoft, Facebook, Bank of America and JP Morgan Chase.
As with any new technology, particularly something that affects email, acceptance can be a hurdle. But it's one DMARC is poised to leap over, according to Agari founder and CEO Patrick Peterson.
"We are at escape velocity," he said in an interview. "When we started, people said they thought it was an interesting idea, but wondered if it was going to be one of these things you hear about and nothing ever comes of it. That's not going to happen."
In addition to making significant inroads with mailbox providers, DMARC has gained acceptance among email senders, said Trent Adams, chairman of DMARC.org and senior policy advisor at PayPal.
Half of the top 20 email senders have implemented DMARC, he said. "That may not sound like a lot, but if you look at it by volume, the vast, vast majority of email sent over the wire is by the top 20 senders," Adams said.
Another sign that DMARC is gaining traction is the number of Internet domains that have adopted the technology in the last year, even though they weren't among the core supporters of the framework. That group includes 60% of top 20 domains now using DMARC. "That shows adoption beyond the group of folks that came into this knowing this was a good solution," Adams said.
Sender Policy Framework (SPF) authenticates where an email originates by comparing the sending server's IP address to a list of valid IP addresses published by the domain owner in the Domain Name System. If a message arrives at a mail exchange saying it's from a certain domain, but the IP address it came from doesn't correspond to the addresses in the SPF record for that domain, the message is bounced.
DomainKeys Identified Mail (DKIM) ensures a message's origin by attaching a cryptographic digital signature that associates the message with a domain. That signature can be reviewed at any point in the message's path to its destination.