Brightball

Articles about Email

Enterprise Challenges with DMARC Deployment

Email | Security | DMARC | - July 25, 2022 // Barry

DMARC deployment projects in larger organizations come with their own variety of challenges. A great many more people are involved, so there will be more communication, more approvals and more politics. Others will object on the basis of size. "Our company is simply too large!" some will say.

In the final section of our DMARC guide, we will discuss these common concerns and how to address the challenges. If 74% of the US Federal goverment did this in about a year, you can too.

Deploying DMARC Without Breaking Everything

Security | DMARC | Email | - July 23, 2022 // Barry

Too scary? Messing with the configuration on your domain email is scary, especially if you're already sending a lot of it. You have to worry that you're going to screw something up and break all of the email communications for the entire company.

That's what I was worried when I first rolled this out and had no idea what I was doing. One of the reasons I'm such a big advocate for DMARC today is that it was painless, easy and involve no risk at all.

Combatting Phishing with DMARC

DMARC | Security | Email | - July 18, 2022 // Barry

Email shouldn't feel like a dark art, but to a lot of people it does. Everyone should have DMARC setup by this point, but they don't. Here's the first piece of a 3 part guide covering why it works and how to set it up.

Since writing about how to reverse account takeovers last week I've decided to write a security series covering all the weird things I encountered back in 2012, when I accidentally ended up combating phishing and fraud for a year. In the last article, the first recommendation was to setup DMARC. So let's take a deeper look at why, how and what's involved in long term management once it's setup.

Automatically Reversing Account Takeovers

Email | DMARC | Security | - July 11, 2022 // Barry

Today, Brian Krebs reported on account takeovers happening at Experian, one of the 3 major credit agencies. The first step after getting account access is to lock out the account owner, usually by swapping the email address. 10 years ago I dealt with this problem extensively, so I'd like to share how to solve it.

Video: Developing a Layered Email Security Strategy Webinar Presentation

Email | Security | - September 23, 2020 // Barry @ dmarcian
In this joint webinar between dmarcian, GreatHorn and Inspired eLearning I had the opportunity to share an overview of SPF, DKIM and DMARC as part of a layered email security strategy.

What to Expect When You're Emailing Presentation

Email | - July 20, 2019 // Barry @ Carolina Code Conf
During Carolina Code Conf, I gave what is probably the most entertaining presentation ever given about email. We walk through how to protect, raise and nuture the domain for my pirate themed gym, Slimmer Ye Timbers.

Phishing Leaves a DMARC Trail

Email | DMARC | - August 7, 2018 // Barry @ A.P.W.G.

In May I had the opportunity to present at the Anti-Phishing Working Group (APWG) Conference after spending some time cross referencing the APWG's eCrime Exchange data with dmarcian's historic DMARC reports to see if we could identify consistent patterns among known bad actors, as well as potentially identifying a wider scope to the attacks that any single entity could see. The results were interesting!

Email as a Microservice

Email | DevOps | - August 6, 2016 // Barry @ Codeship

Email might be one of the most often overlooked pieces of any web application. Usually the biggest discussion around it in a project begins and ends with “and we’ll send them an email when this happens…”.

A little thought and some minor adjustments can help us avoid some problems that will grow as your project does. Let’s talk about email as a microservice.

Protecting Users from Phishing and Fraud Presentation

Security | DNS | DMARC | Email | - April 2, 2015 // Barry @ Upstate PHP

This presentation covers my experiences combatting phishing and fraud using DMARC and assorted other techniques in a large eBay-like platform for a niche market...when the site previously did everything over direct user email...for over a decade. Good times.