Domain registrar GoDaddy has announced that as of April 2025, all new domains registered via them will come with a DMARC record by default, with a p=quarantine policy.
In my opinion: This is very much a good thing.
DMARC is so important when it comes to preventing phishing and spoofing, when it comes to preventing misuse of email domains to send mail without it being authorized by the domain owner. But while DMARC adoption has been growing, especially among those most savvy when it comes to security and email best practices, there are still gaps, and lots of people who have yet to implement it. Which leaves lots of domain unprotected and those unprotected domains ripe for email abuse.
By automatically applying DMARC with a quarantine policy from day one, GoDaddy is ensuring that brand-new domains are better protected against spoofing the moment they're created. That means fewer opportunities for bad actors to impersonate freshly registered domains in phishing campaigns.
The default policy set is p=quarantine, meaning that mailbox providers are likely to treat failed mail suspiciously. It doesn't instruct the receiving mailbox provider to reject the mail outright; but it does mean that failed mail is likely to be relegated to the spam folder or some other quarantine location, depending on the system.
Domain owners can adjust this default DMARC record as desired; change the policy, adjust reporting options, etc. as needed
I think this is an excellent step forward for domain and email security. Thanks to GoDaddy for leading here. I believe them to be the first registrar to do this at scale, and I hope other domain purveyors follow suit.
Default DMARC helps set a higher baseline for security across the internet. The more we can broaden protection of email domains against phishing and spoofing, the safer email becomes for everyone.
Domain registrar GoDaddy has announced that as of April 2025, all new domains registered via them will come with a DMARC record by default, with a p=quarantine policy.
In my opinion: This is very much a good thing.
DMARC is so important when it comes to preventing phishing and spoofing, when it comes to preventing misuse of email domains to send mail without it being authorized by the domain owner. But while DMARC adoption has been growing, especially among those most savvy when it comes to security and email best practices, there are still gaps, and lots of people who have yet to implement it. Which leaves lots of domain unprotected and those unprotected domains ripe for email abuse.
By automatically applying DMARC with a quarantine policy from day one, GoDaddy is ensuring that brand-new domains are better protected against spoofing the moment they're created. That means fewer opportunities for bad actors to impersonate freshly registered domains in phishing campaigns.
The default policy set is p=quarantine, meaning that mailbox providers are likely to treat failed mail suspiciously. It doesn't instruct the receiving mailbox provider to reject the mail outright; but it does mean that failed mail is likely to be relegated to the spam folder or some other quarantine location, depending on the system.
Domain owners can adjust this default DMARC record as desired; change the policy, adjust reporting options, etc. as needed
I think this is an excellent step forward for domain and email security. Thanks to GoDaddy for leading here. I believe them to be the first registrar to do this at scale, and I hope other domain purveyors follow suit.
Default DMARC helps set a higher baseline for security across the internet. The more we can broaden protection of email domains against phishing and spoofing, the safer email becomes for everyone.
Here's GoDaddy's announcement.
Comments
Post a Comment
Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.