News: Version update
Email address forgery, better known as spoofing, is one of the most common tactics in spam and phishing emails today, and a common challenge for organisations of all sizes. We are happy to announce that the Sophos Email Appliance version 4.3.0 now includes Domain-based Messaging and Reporting Compliance (DMARC) to help block this fraudulent email activity.
In order to reduce spoofing and provide a safer user experience, Sophos Email Appliance has supported SPF authentication (Sender Policy Framework), and inbound validation of DomainKeys Identified Mail (DKIM) for some time. Now every Email appliance includes Domain-based Messaging and Reporting Compliance (DMARC). Together these technologies check for trusted authenticated senders and help identify untrusted ones that that fail authentication.
Administrators can now leverage Sender Policy Framework (SPF) and DomainKeys Identified Message (DKIM) protocols for IP address and encrypted key authentication, with a DMARC policy providing the receiving domain with guidance on what to do if an email – a phishing attempt for instance – fails these tests.
Creating a DMARC policy is simple in the Sophos Email Appliance. Available in the wizard-based policy builder, with optional aggregate reports to the domain owner: