DMARC security protocol escorts e-mail

Recently, Sohu Wuhan R & D Center, said its research and development of Sohu SendCloud triggered mail sending system, is about to use the DMARC security protocol to further ensure the safety of its mail.

As a third-party mail sending service platform developed by Sohu Wuhan Center, it provides multiple interfaces to help developers and entrepreneurs complete the sending and tracking of mail. Sohu SendCloud committed to providing users with a convenient trigger mail sending service to meet the individual needs of users and provide real-time data analysis, technically effective against spam misjudgments, so that e-mail can be efficiently arrived, with professional technology and services Solve the user's e-mail to send the problem.

As we all know, a mail, "Sender" address can be forged, such as qq domain mailbox users, forged mail sender address xxx@sohu.com, the mail seems to be from a domain sohu domain users. This makes a lot of spam available, spammer use this flaw to send a large number of phishing and phishing email in an attempt to get some valuable information from the recipient, such as personal password, bank card account password, credit card data and many more. For example, some phishing emails forge an email from Alipay. The content of the emails is modeled on the official password of Alipay to retrieve the content and style of the emails. The recipient is required to enter their own Alipay account and password. In this case, many users are very easy Deceived.

According to statistics, there are about 100 million phishing emails delivered worldwide every day, and all-purpose phishing emails and fraudulent emails threaten users' information and property safety. The impact on victims and society is too great and too harsh. At the same time, various e-mail service operators are miserable and have tried their best to solve the problems. So on January 30, 2012, 15 industry giants (mainly including financial institutions, Email service providers, data analysis institutions, etc.) such as PayPal, Google, Microsoft, Yahoo and ReturnPath jointly announced the formation of a new Internet Alliance dedicated to To submit and promote a DMARC new email security protocol.

Like other email security protocols, the main purpose of the DMARC protocol is to identify and intercept phishing emails so that phishing emails no longer enter the user's mailbox (inbox or trash) and reduce the number of email users who open / read phishing emails Possibility to protect your personal information such as your account password.

The DMARC protocol is based on the existing two mainstream email security protocols, DKIM and SPF, and is stated by the Mail Sender party (Domain Owner) in [DNS]. When the Receiver party (its MTA must support the DMARC protocol) receives the mail sent from the domain, the DMARC check is performed. If the check fails, a report needs to be sent to the specified URI (often an email address).

Because the DMARC protocol is based on the existing DKIM and SPF protocols, SPF and DKIM records must be configured before adding policies to your DNS records in the form of TXT records to configure DMARC.

Create a TXT record with the appropriate name and value. For example, sohu.com configuration DMARC records, TXT record name should be "_dmarc.sohu.com".

Here are some examples of DMARC TXT records (for example, sohu.com _dmarc.sohu.com IN TXT).

In the TXT logging example below, the system will not take action if the message is claimed to be sent from sohu.com but fails the DMARC check. However, all of these emails are displayed in the daily summary report sent to "postmaster@sohu.com."

"v = DMARC1; p = none; rua = mailto: postmaster@sohu.com"

In the TXT record example below, if the message claims to be sent from your domain.com but fails the DMARC check, it is isolated at 5%. The daily summary report is then emailed to "postmaster@sohu.com."

"v = DMARC1; p = quarantine; pct = 5; rua = mailto: postmaster@sohu.com"

In the last example, if the message is claimed to be sent from "your_domain.com" but failed to pass the DMARC check, 100% of the message will be rejected. The daily summary report is then emailed to "postmaster@sohu.com" and "dmarc@sohu.com."

"v = DMARC1; p = reject; rua = mailto: postmaster @ sohu.com, mailto: dmarc@sohu.com"

Only v (version) and p (policy) tags are required. There are three policy settings (or mail handling settings) to choose from:

·

op = none - No action taken. Impacted mailings are recorded only in daily reports.

op = quarantine - Mark affected mail as spam.

op = reject - Undo mail at the SMTP layer.

Be sure to include your email address in the optional rua tag to receive daily reports.

It is reported, SendCloud will use the DMARC protocol this month to enhance spam blocking capabilities.

In addition, SendCloud recently do promotions, register to get 30,000 free delivery lines.

Event address: http://sendcloud.sohu.com/sendcloud/yixieshi