I’m having trouble with our company emails being flagged as phishing in Office 365. After checking our domain settings, I noticed we were missing a DMARC record. To fix this, I added a TXT DNS record with the following content:
I’m wondering if this addition will solve the phishing detection problem. Also, are there any special steps I need to take to make sure it works correctly with our email setup using Mailgun and GoDaddy?
Has anyone dealt with a similar issue before? Any advice would be really helpful. Thanks!
Implementing DMARC is a solid step, but it’s not a guaranteed fix for phishing alerts. Your current ‘p=none’ policy is just monitoring, not enforcing. Consider gradually moving to ‘p=quarantine’ or ‘p=reject’ as you fine-tune your setup.
For Mailgun integration, you’ll need to authorize their sending IPs in your SPF record and set up DKIM signing. Check Mailgun’s documentation for specifics. GoDaddy shouldn’t pose any issues for DNS management.
One often overlooked aspect is email content. Ensure your emails don’t contain common phishing indicators like urgent language or suspicious links. Also, train your staff on email best practices.
Monitor those DMARC reports closely. They’ll provide insights into any alignment issues or unauthorized senders using your domain. It might take some time and adjustments, but persistence usually pays off in reducing false positives.
I’ve dealt with similar issues in my company. Adding DMARC is definitely a step in the right direction, but it’s not a silver bullet. In our case, we found that implementing DMARC, along with properly configured SPF and DKIM records, significantly reduced phishing flags.
However, the ‘p=none’ policy you’ve set doesn’t actually enforce anything - it just monitors. You might want to gradually increase this to ‘quarantine’ or ‘reject’ as you become more confident in your setup.
Also, don’t forget to review your email authentication practices. We found that some of our legitimate emails were being flagged because they were sent from third-party services that weren’t properly authenticated.
Lastly, keep an eye on those reports sent to your postmaster email. They provide valuable insights into how your emails are being treated by receiving servers. It took us a few weeks of tweaking before we saw significant improvements.
adding DMARC is a good start, but it might not fix everything. make sure ur SPF and DKIM are set up too. with mailgun, check their docs for specific DMARC settings. godaddy should be fine. monitor the reports sent to [email protected] to see if it helps. good luck!