Ensuring DMARC Compliance for Third-Party Senders

How to Integrate Third-Party Senders

  1. Integrate Externally
    Your third-party senders can use their own mail servers to send your email. If this is an option, you can provide them with a subdomain so they can put their own DKIM record and SPF record in for DNS. You can also give your third-party sender a DKIM private key to sign the emails and publish the public key in your DNS and/or add their sending IP to your SPF record.
  2. Integrate Intenerally
    You can have your third-party sender relay your emails through your own mail servers, which would enable their emails to use your own SPF, DKIM, and DMARC record and take the guesswork out of the process.
  3. Do Not Integrate
    But request that they do not spoof. Ask your third-party senders to use their own domains in the from:header. If these emails need to have a reply, you can have them point this reply alias to you, or have the third-party sender set the reply-to: header to one of your email addresses.

Steps to Integrating Third-Party Senders

  1. Send Messages in Compliance with SPF Records
    This can be accomplished by adding an include:third party.tld in the SPF record. Some organizations may require explicit IP addresses to enter into the domain’s SPF record, rather than using an include: mechanism.
  2. Implement DKIM Signing for the Domain in Use
    When configuring a DKIM signature, ensure you are signing with at least a 1024 bit size. The signing domain (d=) must align with the domain which is used to send the communication.

--

--

--

Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Agari

Agari

Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.

More from Medium

3 machine labs —1. Automating lab

Juggling with Docker manifests like an artist

City in the Clouds

Illustration of digitally connected city floating in the clouds

OpenRMF Professional v2.8 Released!