Pentagon Ordering 100% Compliance to DMARC Mandate


If you haven’t enabled DMARC (Domain-based Message Authentication, Reporting, and Conformance) for your business email, now’s the time to do so. Heck, even the Pentagon thinks you should. In fact, government officials have made implementing DMARC for their inbound and outbound email communications by December 31, 2018 a top priority.

The Pentagon to Actively Implement Security via DMARC

Addressed in a recent correspondence (July 2018) by the Department of Defense’s Chief Information Officer, Dana Deasy, the DoD is planning activities to secure public facing Web and email services. These efforts include working with the United States Cyber Command (CYBERCOM) and Joint Force Headquarters – DoD Information Networks (JFHQ-DoDIN) to implement each of the measures contained in Binding Operational Directive (BOD) 18-01. (More on this directive later.)

Essentially, the DoD is being proactive to safeguard their sent and received messages when communicating internally and with the public. Enhancing trust between the government agencies and civilians is important to both parties. Moreover, top officials realize the threats encountered with electronic interaction and are utilizing the available tools to help combat malicious email attacks, which will stabilize their email practices.

What is Binding Operational Directive 18-01?

The Department of Homeland Security’s Binding Operational Directive (BOD) 18-01 was introduced in October 2017 to federal, executive branch, departments, and agencies for purposes of safeguarding federal information and information systems. Core to this directive is a focus on forcing all federal agencies to Adopt DMARC and not long after implement Quarantine and Reject policies toward email that fails DMARC Authentication.

Key Facts about BOD-18-01

  • Goal of BOD-18-01: "Make it hard to susccessfully spoof government sources"
  • Deadline of January 15, 2018 for all second-level domains to have valid SPF & DKIM records
  • Deadline of October, 16, 2018 for all second-level domains & mail-sending hosts to have a DMARC "reject" policy set

Importance of DMARC

For your business email to be as safeguarded and effective as possible, implementing DMARC is essential. Protecting your brand and online reputation will help grow your company, and the key to achieving your email potential is DMARC. As the government increases its efforts to secure both inbound and outbound messages with the DMARC protocol, the need for your business to follow suite is obvious. If the Pentagon entrusts its email in this manner, shouldn’t you do the same for your company? If you have any questions about next steps, MxToolbox has the answers.

DMARC is the key to improving Email Deliverability!

Email is the key to your customer communication strategy. But, what is your email reputation?

Setting up and managing your DMARC configuration is the key to getting insight into your email delivery. MxToolbox is the key to understanding DMARC.

MxToolbox Delivery Center gives you:

  • Who is sending phishing email purporting to be from your domain
  • What is the reputation of your domains and delegated IPs
  • Where other senders are and What their reputations are
  • How your SPF, DKIM and DMARC setup is performing
  • What on-going maintenance you need to maintain and improve your email deliverability

  Learn More