The identity loophole in email
Email runs on SMTP (Sender Mail Trasnfer Protocol), which was written in the 80s. SMTP never had authentication, this made email impersonation and spoofing possible - allowing attackers to send email from any domain name. It wasn't until a few years ago that companies like Apple and Nasa could have been impersonated.
Billions of dollars in losses later
Security standards named SPF, DKIM, and DMARC were introduced to correct this loophole. But the fix had to be made on the DNS, by domain owners, and required numerous monitoring actions - this made it challenging and time-consuming - leaving 90% of businesses today unconfigured.
It gets worse
Aside from impersonation and identity fraud - today, unconfigured domains have left businesses getting their emails marked as spam, never delivered, and blacklisted - leaving them with low open rates and their message unheard.
Where the average blacklist removal takes 2-4 weeks, businesses lose countless potential relationships that never happened because of email delivery failure - crippling even communication with existing customers, hindering growth and hurting revenue.
Simply put, to prevent spoofing, email impersonation and failure of email delivery, DMARC enforcement is a must.
Not having a strict DMARC enforcement policy on your DNS is equivalent to not having an SSL certificate (https) - yet 10x more dangerous.
What we’ve done. Protocols meet Automation
Not everyone should be a DNS expert to configure this technology; there is no point to it - it should be quick and straightforward. Reading reports, implementing DNS modifications manually have wasted many hours and failed.
That is why we have built Skysnag.
We've automated the process so that no more reports are read manually, and companies can actually get DMARC enforced with minimal effort.