Popular searches

DMARC

Contact Info

Information Technology Services

Georgia Southern University IT Services will implement DMARC (Domain-based Message Authentication, Reporting and Conformance) on its email system, a policy and reporting protocol for email authentication as part of our continued efforts to protect users by combating phishing, email scams, and spoofing of our email domains

DMARC Overview & How It Works

DMARC provides protection against spam and phishing emails and other spoofing attempts by adding an encrypted DKIM (DomainKeys Identified Message) signature and/or SPF (Sender Policy Framework) to verify the authenticity of any sender attempting to use the @georgiasouthern.edu domain, or any subdomains.  This added safeguard provides an extra level of protection for any emails sent from an authorized Georgia Southern email address.

A DMARC policy can be used to authenticate a sender’s domain, verify that the email transmitted by a sender are legitimate, and identify and monitor all approved/verified senders and third-party vendor applications (ie, Constant Contact,EAB, Paciolan,SendGrid ) used to transmit mail on Georgia Southern’s behalf.  A DMARC policy also provides instructions to other email servers on how unauthenticated email should be handled by putting them in quarantine (Spam Folder) and in some cases, rejecting the email so that it is never delivered.  

Impact of DMARC Implementation on Users

While the implementation of DMARC will impact each and every member of the Georgia Southern community, there is nothing you need to do.  All changes are transparent to end-users and will take place entirely behind the scenes.  In other words, your current user experience will remain the same: you won’t notice anything different about your Georgia Southern email account or how you use it. If you use a third-party vendor application or email service to send communications from a Georgia Southern University email address and are not sure if these email security policies have been put in place, please contact the University Helpdesk at helpdesk@georgiasouthern.edu to request DMARC/DKIM/SPF setup and validation.

Checking Email Authentication Status

To confirm if an email is authenticated:

  1. Go to Gmail, and open an Email.
  2. Click on the 3 dots on the far right and select ‘Show Original’.
  3. Look for the DMARC result.  If it says Pass, then it is authenticated.

Benefits of Using DMARC

Reputation

Publishing a DMARC record protects our brand by preventing unauthenticated parties from sending mail from your domain. We often see attackers using the @georgiasouthern.edu domain name in their attempt to trick users and DMARC will prevent these emails from being delivered, improving our brand reputation.

Security

DMARC helps the email community establish a consistent policy for dealing with messages that fail to authenticate. This helps the email ecosystem as a whole become more secure and more trustworthy.

Visibility

DMARC provides increased visibility into who is sending email from the @georgiasouthern.edu domain and where it originates from.