It has been several years since the statistics for DMARC policy records had been updated on this page. The main reason for this was surges of up to millions of records each quarter, if not each month. They would show up, demanding analysis and explanation, and then in many cases most of them would diappear […]
Summary of Changes in DMARCbis
The IETF’s DMARC Working Group has submitted documents to update the DMARC protocol to the RFC Editor. For reference, here is a high-level overview of the changes introduced in these updates: Informational ⇨ Standards Track Public Suffix List replaced by DNS Tree Walk and Public Suffix Domains (PSD) Several tags deprecated: pct=, rf=, ri= np= […]
DMARC.org at 8th JPAAWG General Meeting
JPAAWG held it’s 8th General Meeting in Kochi, Japan on the 4th and 5th of November, 2025. This was the tenth year that DMARC.org was able to provide information about email authentication to Japanese email professionals. The presentation included the following sections: Final steps of the IETF’s DMARC Working Group How DKIM replay attacks work […]
DMARC.org at 7th JPAAWG General Meeting
The seventh JPAAWG General Meeting was held in Sapporo, Japan on November 11th and 12th of 2024. Many attendees participated in person over both days of presentations and knowledge-sharing sessions, and additional participants accessed the sessions online. This year’s presentation covered dramatic changes around the IETF‘s DMARC Working Group, and updates on a new protocol, […]
New Authentication Protocol: DKIM2
Since late 2021 there has been an increase in the use of DKIM Replay Attacks. While the potential for DKIM Replay Attacks was noted in the original DKIM RFC, bad actors were finally using them in ways that caused real trouble for large mailbox operators. A number of proposals to address this threat were written […]
DMARC.org at Sixth JPAAWG General Meeting
The sixth JPAAWG General Meeting was held in Kanazawa, Japan on November 6th and 7th of 2023. Attendance was strong, with many attendees participating in Q&A over two days of engaging technical and practical presentations. This year’s presentation again summarized developments in the IETF‘s DMARC Working Group since the prior meeting, and updates on technical […]
M3AAWG Calls for Coalition to Support Public Suffix List
The Messaging, Malware, and Mobile Anti-Abuse Working Group, or M3AAWG, has released a blog post and white paper calling for the creation of an industry coalition to support the Public Suffix List (PSL). The PSL is an initiative under the Mozilla Foundation, and identifies the parts of the Internet domain name space under which organizations […]
Microsoft Allows 365 Admins To Accept ARC Forwarders
Back in October 2019, Microsoft included ARC support in their Microsoft 365 Roadmap, stating that “[ARC] is now enabled for Office 365 hosted mailboxes.” But at that time it could only be used between Office 365 tenants, or from Microsoft’s in-house services. However in June of 2022 they made it possible for each tenant to […]
DMARC.org at Fifth JPAAWG General Meeting
The fifth JPAAWG General Meeting was held on November 7th and 8th in Nagasaki, Japan. For the first time since the start of the COVID-19 pandemic, DMARC.org was able to deliver a keynote presentation in person. A strong conference program generated excellent attendance, both in-person and online, and the facilities were top notch. This year’s […]
Most DKIM Keys Seen in 2021 Were 2K RSA
RFC 4871 required the use of a DKIM RSA key length of at least 1,024 bits “for long-lived keys,” but also required that verifiers continue to support shorter keys. And many shorter keys were in common use even five years later, when Google’s 512 bit DKIM key was cracked and used to send spoofed email […]