802
edits
Changes
Jump to navigation
Jump to search
Line 23:
Line 23: − + − − == Background == − *Canadians rely on the Government of Canada to provide secure digital services in a way that protects the information they provide to the government. − *By implementing specific security standards that have been widely adopted in industry, departments and agencies can minimize spam and better protect users who might otherwise fall victim to a phishing email that appears to come from a government-owned system. − *This includes implementing Domain-based Message Authentication, Reporting and Conformance (DMARC) which protects government email domains from spoofing and phishing. − *Goal is to reduce the risk posed to Canadians posed by malicious emails impersonating the Government of Canada − − − − <br> − − == DMARC Concepts and Architecture == − [[File:DMARC DIAGRAM2.png|thumb|How does email authentication work?]] − − === How does email authentication work? === − *An email is sent by a threat actor who is spoofing their email to look like a Canadian Bank. − *The sender receives the email and attempts to forward it to the actual bank. − *The Canadian Bank's email authentication records notices that the sender domain is not recognized as a legitimate domain. − *Malicious email is blocked without reaching the target's inbox. − [[File:DMARC EXPLAINED.png|thumb|How does DMARC work? ]] − − === How does DMARC work? === − *Author composes & sends an email. − *The sending mail server inserts a DKIM header and heads towards the receiver. − *The email and sender domain is scrutinized and tested based on checks such as IP Blocklists, Reputation, Rate Limits, etc... − *DMARC checks the DKIM header that was inserted by the sending mail server for legitimacy. − *DMARC retrieves an "Envelope Form" via SPF. − *The email then has one of three outcomes. − **Passed - Email gets sent to proper user and goes directly into the inbox. − **Quarantine - Email fails DMARC policy and is send to the user's SPAM/Junk folder. − **Reject- Failed DMARC policy, Email is rejected and the message is dropped before it reaches the user. − − <br> − − == References == − *[https://cyber.dhs.gov/bod/18-01/#what-is-email-authentication| What is Email Authentication?] − *[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-177r1.pdf Trustworthy Email - NIST Publication] − *[https://dmarc.org What is DMARC?] − *[https://internet.nl Netherlands Email and Domain Compliance Tool] − *[https://www.gov.uk/government/publications/email-security-standards/domain-based-message-authentication-reporting-and-conformance-dmarc Using DMARC in your Organization] − *[https://dmarc.globalcyberalliance.org/ DMARC - Email Authentication Made Easier] − *[https://www.gcpedia.gc.ca/gcwiki/images/5/5b/Enhancing_Email_Security_with_DMARC.pptx Enhancing Email Security with DMARC] − *[https://www.gcpedia.gc.ca/gcwiki/images/a/a8/Enhancing_Email_Security_with_DMARC_-_French.PPTX Enhancing Email Security with DMARC - French] − [[Category:Government of Canada Enterprise Security Architecture (ESA) Program]] − [[Category:Enterprise Security Architecture]] − [[Category:GC Enterprise Architecture]]
Domain Message Authentication Reporting and Compliance (view source)
Revision as of 13:38, 20 April 2021
, 13:38, 20 April 2021no edit summary
|}
|}
</div>{{TOCright}}
</div>{{Delete|reason=Expired Content}}
