Thursday 25 September 15:00 - 15:30, Red room.
Terry Zink Microsoft
download slides (PDF)
In 2012, the world of email filtering created a new tool to combat spam and phishing: DMARC. DMARC is a technology that is designed to prevent spammers from forging the sender and making the brand more resistant to abuse. However, its most powerful feature is the built-in reporting that lets brand owners know they are being spoofed.
DMARC has its upsides, and it is very useful for preventing spoofing, but it also has some drawbacks - it will flag some legitimate email as spam, and it will cause some short-term pain.
In addition, DMARC is difficult to set up for a large organization with a very decentralized email infrastructure. Many divisions lack email expertise, but they too need their email delivered.
This presentation discusses the advantages and drawbacks of DMARC. However, it also discusses the process that Microsoft went through to create an inventory of all of its domains in order to ensure they could all pass basic authentication checks. This involved creating DMARC records, sorting through legitimate and malicious sources of spoofed email, and working with teams to ensure that they could authenticate in the future.
Terry Zink is a program manager of antispam effectiveness at Microsoft, and has worked in spam filtering for 10 years. He is responsible for maintaining an enterprise-level experience for end-users of a service that protects the inboxes of over 20 million users. He is a regular blogger and has contributed to CircleID, Virus Bulletin and the semi-annual Microsoft Security Intelligence Report. He currently resides outside of Seattle.