Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2990
Views
10
Helpful
5
Replies

Cisco ESA DMARC

Go to solution
ccna_security
Level 3
Level 3

‎08-01-2019 09:47 PM

Dear all I want to ask you few questions. I would be happy if you answer that questions. 1. Should DMARC be configured along with SPM and DKIM? Or, can I only configure DMARC for mail spoofing? 2. DMARC is used for to check the email whether it is spoofed or not, right? 3. What kind of problem would be occur if I configure DMARC?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ppreenja
Cisco Employee
Cisco Employee

‎08-04-2019 01:37 AM - edited ‎08-04-2019 01:38 AM

Hi,

First of all, I would like to share with you below article which will answer most of your queries:
https://www.cisco.com/c/dam/en/us/products/collateral/security/esa-spf-dkim-dmarc.pdf

Now to answers your queries, please refer below:

1. Should DMARC be configured along with SPM and DKIM? Or, can I only configure DMARC for mail spoofing?


- DMARC is the youngest of the three (SPF,DKIM & DMARC) email authentication technologies, and was
developed specifically to address the shortcomings of both SPF and DKIM. Unlike the other two,
it authenticates the Header "From" of a message and links into the checks previously performed by
the other two. Hence, we need to enable SPF and DKIM for DMARC to work.

2. DMARC is used for to check the email whether it is spoofed or not, right?


-DomainKeys Identified Mail, or DKIM, is a technical standard that helps protect email senders and recipients from spam, spoofing, and phishing. It is a form of email authentication that allows an organization to claim responsibility for a message in a way that can be validated by the recipient.

3. What kind of problem would be occur if I configure DMARC?


- There are several potential issues with DMARC, all of which come from the nature and
shortcomings of other authentication technologies it relies to. The problem is that DMARC
brought those issues to surface by actively pushing a policy to reject email, and by correlating all
the different sender identifiers in a message.
For more details, you can refer to "DMARC-Specific Issues" in the article I shared above.

I hope the above information is helpful.

Regards,
Pratham

View solution in original post

5 Replies 5

Go to solution
dmccabej
Cisco Employee
Cisco Employee

‎08-02-2019 08:20 AM

Hello,

 

I would recommend reviewing the best practices guide for SPF, DKIM and DMARC. This should give some insight into the details you're looking for. You can also take a look at the information on the official DMARC.org website. 

 

Thanks!

-Dennis M.

 

 

Go to solution
daachary
Cisco Employee
Cisco Employee

‎08-02-2019 06:17 PM

Hello,

 

DMARC is generally a tool used for reporting with the building on the verification done on SPF and DKIM combined; it is to ensure the integrity of the emails combined with checking if the email is fraudulent or not from certain domains which do publish the records going forward.

DMARC will not function without either SPF or DKIM availability deployed.

 

http://www.cisco.com/c/en/us/support/security/email-security-appliance/products-user-guide-list.html

 

The chapter that covers SPF, DKIM and DMARC is called "Email Authentication". Keep in mind that in order to use DMARC, you need to have both SPF and DKIM working as DMARC leverages both. For more info about DMARC, please see this page (article below also contains links to DKIM and SPF):

 

https://en.wikipedia.org/wiki/DMARC

 

Hope this helps!

 

Regards,
Dayananda Acharya

0 Helpful

Go to solution
ppreenja
Cisco Employee
Cisco Employee

‎08-04-2019 01:37 AM - edited ‎08-04-2019 01:38 AM

Hi,

First of all, I would like to share with you below article which will answer most of your queries:
https://www.cisco.com/c/dam/en/us/products/collateral/security/esa-spf-dkim-dmarc.pdf

Now to answers your queries, please refer below:

1. Should DMARC be configured along with SPM and DKIM? Or, can I only configure DMARC for mail spoofing?


- DMARC is the youngest of the three (SPF,DKIM & DMARC) email authentication technologies, and was
developed specifically to address the shortcomings of both SPF and DKIM. Unlike the other two,
it authenticates the Header "From" of a message and links into the checks previously performed by
the other two. Hence, we need to enable SPF and DKIM for DMARC to work.

2. DMARC is used for to check the email whether it is spoofed or not, right?


-DomainKeys Identified Mail, or DKIM, is a technical standard that helps protect email senders and recipients from spam, spoofing, and phishing. It is a form of email authentication that allows an organization to claim responsibility for a message in a way that can be validated by the recipient.

3. What kind of problem would be occur if I configure DMARC?


- There are several potential issues with DMARC, all of which come from the nature and
shortcomings of other authentication technologies it relies to. The problem is that DMARC
brought those issues to surface by actively pushing a policy to reject email, and by correlating all
the different sender identifiers in a message.
For more details, you can refer to "DMARC-Specific Issues" in the article I shared above.

I hope the above information is helpful.

Regards,
Pratham

Go to solution
ccna_security
Level 3
Level 3
In response to ppreenja

‎08-04-2019 02:02 AM

Thank you Pratham. I got my answer. Thanks

0 Helpful

Go to solution
ppreenja
Cisco Employee
Cisco Employee
In response to ccna_security

‎08-04-2019 02:22 AM

Happy to help!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents