DMARC

What is it

How to get it

(In 5 min...😓)

At the risk of being that guy....

Email is broken by design

ANYONE can send as you by default

Case Study

Paying my ISP Bill

Is this from Spectrum?

spf - dig spectrumemails.com -t txt

dmarc - dig _dmarc.spectrumemails.com -t txt

dkim - (more complicated)

From a User's Viewpoint

Brand looks right
Domain looks "ok" (spectrumemails.com?)
Link goes to a domain I recognize

Security Professionals
"Best Practices"

We can do better.

Let's start rebuilding trust with email.

Let's get personal.

Who here owns a domain?

Who here has just parked the domain?

SPF Record

v=spf1 -all

Better Defaults: Parked Domain

DMARC Record

v=DMARC1; p=reject

Want to send emails?

Sorry, that doesn't fit in 5 min 😔

But I'll be happy to talk about it afterwards 😊

DMARC Lighting Talk

By Robert Roskam

DMARC Lighting Talk

Robert Roskam

Engineer Manager at Pantheon

raiderrobert

DMARC

What is it

How to get it

(In 5 min...😓)

At the risk of being that guy....

Email is broken by design

ANYONE can send as you by default

Case Study

Paying my ISP Bill

Is this from Spectrum?

From a User's Viewpoint

Security Professionals "Best Practices"

We can do better.

Let's start rebuilding trust with email.

Let's get personal.

Who here owns a domain?

Who here has just parked the domain?

SPF Record

v=spf1 -all

Better Defaults: Parked Domain

DMARC Record

v=DMARC1; p=reject

Want to send emails?

Sorry, that doesn't fit in 5 min 😔

But I'll be happy to talk about it afterwards 😊

DMARC Lighting Talk

More from Robert Roskam

Security Professionals
"Best Practices"