i think we covered this briefly during one of the earlier SOLVE when we discussed DMARC. how ha...


Userlevel 3
Badge +1

i think we covered this briefly during one of the earlier SOLVE when we discussed DMARC. how have you guys dealt with getting around SPF lookup limits? is dynamic SPF offering (like that of ondmarc) the way to go? or can you use CNAME and TXT and manage your own?



🗨 Link to Slack thread

47 replies

Userlevel 2
Badge +2

SPF Flattening - it is very experimental but it is very useful 😄

Userlevel 2
Badge +2

Especially for internal services which usually add up

Userlevel 3
Badge +2

I also recommend internal services to be run on a different / sub domain.

Userlevel 2
Badge +2

If it is not something going outside the domain for marketing purposes ☝ this is the real pro tip

Userlevel 3
Badge +2

Oh. there are also a lot of people using email.example.com for marketing purposes. If the domain get’s flagged you can just change it.

Badge +3

We use Valimail, it is pricey (you can negotiate down their “minimum” rate) but it makes DMARC dead simple and easy

Userlevel 2
Badge +2

Ooof Valimail looks really sweet - do you happen to know the listing price (like ballpark)? @ryan.donnon

Badge +3

off the top of my head i think they start around 25-30k/yr

Badge +3

its been a while tho

Userlevel 2
Badge +2

Not too bad - it’s one of those risk vs threat kind of money

Badge +3

I think what gets a lot of folks is that it is something that you could in theory set up yourself

Badge +3

For me, as a solo IT person that is responsible for everything I do not have the expertise to constantly be managing DMARC so it is well worth the money

Userlevel 2
Badge +2

true - I mean you can setup automation ala bettercloud too 😉 it’s just about maintaining

Badge +3

You can go from nothing to full enforcement in just a couple weeks, it’s pretty great for what it does

Userlevel 2
Badge +2

Yeah - I think it’s a no-brainer if you are in that position. Spend a macbook pro a month on email security. Not that bad (I do love counting things in MacBooks)

Badge +3

hahaha - thats so great. im gonna use that

Userlevel 2
Badge +2

finance actually kind of understands that reasoning when i pitch stuff

Userlevel 2
Badge +2

“If I were to buy 12 macbooks today - would that have been a problem?”

Userlevel 3
Badge +1

thank god valimail doesn't ask me to put in my email address so they can spam me! (looking at you proofpoint)

Userlevel 3
Badge +1

i don't know why they flipped the x-axis though. at a quick glance, i was like why would they put this here?

Userlevel 2
Badge +2

Actually I think its because of Gartners Quadrant 😂 - you want to be in the top right corner on those

Userlevel 2
Badge +2

I’m more confused over the shade thrown on Agari there

Userlevel 3
Badge +1

wonder what the sample was and the associated timeframe. but i should move on

Badge +3

From what I have heard Agari has even higher minimums/cost than Valimail does

Userlevel 3
Badge +1

didn't agari partner with microsoft? seems like proofpoint is popular here with the big banks in canada

Reply