Hello, Guest.!

Report: DHS Anti-Email Spoofing Measure in Effect at Multiple Agencies

1 min read


Email security company Valimail reports that roughly half of federal government domains have implemented an email security protocol in compliance with a directive that the Department of Homeland Security issued nearly a year ago.

Valimail’s recent study reveals that the Domain-based Message Authentication, Reporting and Conformance standard has been deployed to cover 655 out of 1,315 government domains and has been configured to “enforcement status”— meaning the security protocol is set to reject fake emails.

DMARC is a cybersecurity protocol that helps determine whether an email is authentic. It blocks fake emails and generates reports of such encounters.

The DHS on Oct. 16, 2017 required federal agencies to adopt DMARC — along with multiple other web and email security policies — through the issuance of Binding Operational Directive 18-01.

To be fully compliant, agencies had to activate DMARC’s automatic reporting to the DHS and configure the system to automatically block fake messages.

The automatic reporting was due in January, while the automatic blocking of emails is due on the 16th.