Now Trending – AOL’s DMARC policy (p=reject)!

Kate Nowrouzi
Apr. 23, 2014 by Kate Nowrouzi

Another major mailbox provider has moved to the DMARC policy reject mode due to recent spoofing attacks on its members. Yesterday, AOL announced that it was following in Yahoo’s footsteps with p=reject.

aol_600x315Over the past few days, “You’ve Got Mail” users have complained about hackers gaining access to their AOL accounts and sending many emails with malicious links to their friend lists. The link in the email leads to malware, phishing attacks and viruses. If you have an AOL account, it is highly recommended that you check your sent folder to see if your account is affected. If you see a suspicious email in your sent folder, you need to delete the email and change your account password immediately.

Although the number of affected users is unknown, this attack has received a lot of attention on Twitter with the trending hashtag #AOLHacked. The AOL anti-spam team regard this as a serious attack, and has taken firm action to defend their users (full disclosure: I’m a former AOL employee). In order to stop hackers and cyber criminals, as well as restore trust in their brand, they announced publicly yesterday that their DMARC policy has been changed from (p=none) to reject (p=reject). With this DMARC policy change, AOL will now only allow traffic from AOL.com users through their mail servers. Other providers who honor DMARC policies such as Gmail, Yahoo and outlook.com are now been instructed to reject mail sent on behalf of AOL Mail users via non-AOL servers.

This big step and revolutionary DMARC reject policy was recently initiated by Yahoo following the earlier lead of Twitter, Facebook & Linkedin, and is now followed by AOL. Hopefully, other major mailbox providers will soon follow suit. The Message Systems’ team fully supports Yahoo’s and AOL’s decision to put stricter DMARC policies in place to battle spam and phishing attacks. Our core messaging engine, Momentum, fully supports all authentication methods such as DKIM and DMARC out of the box, and our support and technical teams are available to address any questions and concerns customers might have with regards to complying with these new email authentication polices.

Want to learn more about DMARC? Read the How DMARC Is Saving Email E-Book today!

How DMARC Is Saving Email

Share your Thoughts

Your email address will not be published.

Related Content

What GoT’s Casterly Rock Can Tell SaaS About Email Security

The defenses and vulnerabilities of castles in Game of Thrones should be a warning for SaaS providers about phishing and email security.

read more

Getting Started with SparkPost in Java

A quick and easy guide on how to use the SparkPost Java Client Library to integrate with SparkPost to allow users to send emails faster.

read more

Are you Realizing the Big Rewards of Email Deliverability?

We did the math, learn how email deliverability is calculated, how it impacts your bottom line, and how to improve it for better engagement rates and ROI.

read more

Start sending email in minutes!

The world’s most powerful email delivery solution is now yours in a developer-friendly, quick to set up cloud service. Open a SparkPost account today and get started for free.

Get Started

Send this to a friend