Phishing attacks, email spoofing, and business email compromise (BEC) continue to rise and pose threats to the main method of business communication — email.
Trusted email communication among our customers, partners, vendors, and employees is important to us so we are implementing Domain-based Message Authentication Reporting and Compliance (DMARC) at a policy of enforcement to ensure only legitimate outbound email from our domain is delivered to our recipients.
What is DMARC?
DMARC is an email authentication protocol that, when implemented at a policy of enforcement, gives domain owners the ability to protect their domain from unauthorized use, like email spoofing.
With DMARC in place, our domains cannot be used without our authorization; We can be certain that emails sent with our domain are legitimate and recipients who receive an email with our domain can be certain it is a legitimate email from us.
To implement our DMARC solution, we have partnered with Valimail.
What does this mean to me?
This is a positive change for our university, but with change comes some adjustment. It is important to us that you are aware of this initiative, how it impacts you, and what to do if you encounter an issue.
IMPACTS FOR SERVICE OWNERS:
Service Owners are employees who work with a vendor (outside of our company) that sends email on behalf of our university, using one of our domains. Examples of departments that may have Service Owners include marketing, admissions, and IT.
Examples of vendors providing email sending services include:
- ADP
- Cvent
- Mailchimp
- Salesforce
- Docusign
The vendor must be set up as an authorized sending service to use our domain to send email. If the vendor is not set up as an authorized sending service, the email they are sending will not be delivered to the recipient’s inbox — it will be redirected to a spam or junk folder or blocked from delivery entirely.
Your intended recipient will not receive your email.