The CERT EU (the Computer Emergency Response Team for the EU institutions, agencies and bodies) released a very informative paper called “DMARC – Defeating Email Abuse” on how to configure DMARC (Domain-based Message Authentication, Reporting & Conformance) to reduce the level of email abuse.
Properly implemented, DMARC can reduce the amount of spoofed emails which according to the whitepaper can in turn be used to reduce;
- spear-phishing e-mails, where the attackers want to impersonate well-known, trusted identities in order to steal passwords or other financial/personal data or download malicious files and exploits;
- fraudsters who want to cover their tracks and remain anonymous;
- computer worms;
- brand name impersonation
Anyone responsible for managing email services should take the time to download and read this whitepaper.