Anti-Spoofing Policies (DMARC/DKIM/SPF)

Created by Abderrahim Ibnou el kadi, Modified on Mon, 13 Dec 2021 at 10:17 AM by Yves Lacombe

We’re excited to announce that we will be adding new Anti-Spoofing Policies to Proofpoint Essentials that leverage DMARC  authentication. This update is expected to be available to all customers across all packages by December 14th, 2020. No actions are required to receive this update. 

Click on this link to get more details about this feature.

What Is DMARC?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an authentication protocol designed to provide domain owners with the ability to protect their domain from unauthorized use.  Domains owners can publish a DMARC policy in their DNS record so that a receiving email service can use the policy to authenticate the email and then take action based on the results.

DMARC leverages two additional email authentication mechanisms, Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). The combination of these authentication mechanisms allow the domain owner to publish additional policies in their DNS records to specify which mechanism (DKIM, SPF or both) is used when sending email from that domain.

Anti-Spoofing Policies

Proofpoint Essentials new Anti-Spoofing Policies configuration allows organizations to choose how to process inbound emails based on the domain owners DNS policy including specific controls related to DMARC, DKIM and SPF.

Frequently Asked Questions

  1. Are anti-spoofing policies available for all packages?
    1. Yes, this feature will be available to all packages.
  2. Are there additional costs?
    1. There are no additional costs.
  3. Are these policies enabled by default?
    1. No. The feature is disabled by default. An administrator will need to enable and configure Anti-Spoofing policies for an organization. 
  4. Are there any impacts to how scoring is performed today?
    1. Yes. Today, a sending domain's SPF policy is factored into the overall scoring of an email with different scoring impact depending on where the result is a fail or a softfail. A fail is likely to be quarantined and a softfail is likely to be delivered (unless there are additional characteristics present that increase the scoring). When this feature is enabled, the automatic SPF scoring impact will no longer be applied and the Anti-Spoofing policy configuration will determine the message outcome.
  5. Where do I access the new Anti-Spoofing policy page?
    1. You will first need to enable Anti-Spoofing Policies via the features page (Account Management > Features). Once enabled, a new section will appear under Secutity Settings > Malicious Content > Anti-Spoofing.