¾Ã¾ÃÈÈÊÓƵ

Helps to ensure the trustworthiness of the MiamiOH.edu email domain

DMARC protects the MiamiOH.edu domain from unauthorized use by phishers and spoofers thereby protecting Miami’s brand. This protection occurs not only within Miami’s environment but also through non-Miami email services that have implemented DMARC as well.

We lower risk by reducing vulnerability

Domain-spoofed messages are estimated to comprise 1-2% of all email volume and are directed to nearly all companies and institutions worldwide. Phishing is commonly one of the first steps in attacks that lead to account compromises, data breaches, ransomware, and various financial scams. DMARC does not prevent all forms of phishing but does eliminate some of the most difficult for end-users to correctly identify as phishing.

We keep Miami in line with the future

Schools and the industry are moving in this direction. Eventually, non-compliance may result in delivery issues as more and more organizations move to DMARC.

DMARC: Domain-based Message Authentication, Reporting & Conformance. The protocol uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to determine the authenticity of an email message.

DKIM: DomainKeys Identified Mail. The system is used to cryptographically sign outgoing emails to check an email’s authenticity and prevent malicious alterations of the email in transit.

SPF: Sender Policy Framework. System to ensure that only certain IP addresses can send email on behalf of a domain.

DMARC Quarantine: Messages that fail DMARC compliance will be delivered to a user's spam folder. This will allow for the bulk moving to inboxes when we are notified of messages that should have been delivered but are not yet DMARC compliant.

DMARC Enforcement: Full enforcement will have the messages bounced before reaching inboxes.

Email messages are considered DMARC compliant if they pass SPF, DKIM, and the domain address alignment.

• DMARC matches the 'header from' domain name with the 'envelope from' domain name used in the SPF check
• DMARC matches the 'header from' domain name with the domain name in the DKIM signature

The ‘envelope from’ is used during communication between SMTP clients and servers, while the ‘header from’ is what is displayed in an email client. In snail mail terms, the ‘envelope from’ is like the from address on the outside of a physical envelope while the ‘header from’ is like the from address on the letter inside the envelope.

Method for checking a message for compliance

Send a test message to your MiamiOH.edu account through the 3rd party mailer in use:

1. Open the message in Gmail.
2. View full headers: “Show Original” from menu (3 vertical dots) to the right of reply button.
3. Search for “SPF”, “DKIM”, and “DMARC” for details.

Example:

Authentication-Results: mx.google.com;

dkim=pass header.i=@miamioh.edu header.s=mualmaip13 header.b=fQclh6Zr;

spf=pass (google.com: domain of ithelp@miamioh.edu designates 134.53.225.83 as permitted sender) smtp.mailfrom=ithelp@miamioh.edu; 

dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=miamioh.edu 

You will want to see “pass” for each, if not send full headers via the .

If you have any questions or concerns that your email may be affected by the implementation of DMARC, you can complete the  and the IT Services DMARC Team will assist you.