How to set up DMARC yourself.
With the changes going ahead on February 1st, 2024 it essentially means that if anyone is with Google/Yahoo as their email provider and you do not have DMARC setup on your business emails your emails will either bounce back or go to their spam. (10.3% of business emails are hosted by Google Workspace). It is so important to setup DMARC. There are also some other major security flaws of not having a DMARC/DKIM record setup which we will be covering in another blog article soon but for cyber security reasons, it is essential to get these setup for more than just email deliverability.
The reason that Google and Yahoo are making this a requirement is because these security features essentially serve as an ID badge for your email domain, without these it is a lot harder to verify if someone sending from an email address is actually who they say they are and not someone pretending to be them. Without this, somebody can potentially impersonate you and then send emails from your email address. This does not mean they can gain access to your account only that they can pretend to be you.
How do you set up DMARC then?
It is super simple to set this up as long as you have access to the domain name control panel.
- You need to add a new record with the type “TXT”
- Under the field Name put _dmarc
- For TTL select either auto or 3600
- Under the content field you want to enter the below text but modify it so it is relevant to your business. You need to modify the email addresses to match a valid email within your business to provide you with reports if you are failing authentication or if somebody impersonating you is. I would recommend leaving the rest as is but I have linked the microsoft article on the more technical aspects of this record at the bottom of the record.
v=DMARC1; p=quarantine; rua=mailto:firstname.lastname@example.org; ruf=mailto:email@example.com; fo=1
Once this is all done you will meet the requirements that are being brought in but from a cyber security perspective it is best to setup DKIM and SPF aswell to protect yourselves from hacks. If you guys stuck with any of this give us a call on 01256 596525 and we can guide you through any part you are stuck with free of charge.
How do I see if I have DMARC setup?
There are some great free tools online that you can use to check to see if you are set up correctly. The one that we use is mxtoolbox.com/SuperTool.aspx. All you have to do is enter your domain name (example.com) and press MX Lookup and then it will tell you if you are DMARC compliant. Another basic check is the SPF Record lookup which you can select from the dropdown menu and it will tell you if you are SPF compliant. There are some other very important security settings for email that are often not configured but you cannot check these externally with tools.
What are the essential cyber security systems that my business should have setup?
There are so many different cyber security solutions that you can choose from but most of them are not essential and are a bit of a waste of money. Cyber security doesn’t have to be expensive, below is a list of free cyber security recommendations that all businesses can setup themselves and then a list of essential cyber security solutions that cost money but are essential.
Cost-free cyber security essentials
- DMARC Configuration
- DKIM Configuration
- SPF Configuration
- Complex passwords that are not used more than once across different sites
- Educating staff on the different cyber threats and how to not fall victim to them
- Having up-to-date software and devices
We will start to cover all of these in separate blog articles over the next few weeks but you can implement all of these in your business today at no cost and protect yourself from your business being hacked.
Essential low-cost cyber security essentials
- Backup of all business data
- An email security gateway
- Modern advanced antivirus (Not Norton or similar home antiviruses as these are not effective at stopping advanced threats!)
If you have any concerns that you may not be completely cyber safe we offer a free cyber security audit of any small businesses to prevent them from being hacked, you can book on for a meeting for a free cyber security audit with the following link: Shepherdit.net/book-a-meeting or by giving us a call on 01256 596525.
I hope you enjoyed our article on how to setup DMARC. Subscribe to our marketing newsletter to see more useful guides and important news relevant to you below, no spam!