Miami Email / DMARC Failure warning in subject

Objective

  • To provide instruction on what to do if an email message has had the subject line tagged with [DMARC Failure - Notify Sender]

User

  • Miami University Students, Staff or Faculty

Environment

  • 10262: Gmail
  • Security

Rationale

Starting on January 30, 2023, IT Services will be implementing a new compliance rule in Google that will tag the subject line of incoming emails sent from a MiamiOH.edu email address that fails the Domain-based Message Authentication, Reporting & Conformance (DMARC) compliance check. DMARC is being implemented by IT Services to better protect the MiamiOH.edu domain from unauthorized use by phishers and spoofers thereby protecting Miami’s brand. DMARC verification uses information in email headers to verify a sender's authenticity. Adding this tag will help all of us to identify emails that will fail their DMARC compliance check as we progress towards total DMARC enforcement.

Resolution

If you receive an email message with the tag in the subject line: [DMARC Failure - Notify Sender]

  1. Make your best assessment of whether or not the message is an authentic legitimate message or a malicious phishing or unsolicited marketing (spam) message
  2. If you believe the message to be authentic and legitimate, respond back to the sender and inform them that the message is not DMARC compliant and that the sender needs to work with Miami's Email Security Team to determine how to send the message in a DMARC compliant way
  3. If you believe or suspect the message is malicious, forward it to infosec@miamioh.edu so that the Information Security Office is aware and can take any appropriate actions in response. After doing that simply delete and ignore the message. If you believe the message is just unsolicited marketing or spam, simply delete and ignore it

 

If you send an email message with the tag in the subject line: [DMARC Failure - Notify Sender]

  1. Reach out to the Email Security Team via the request form here: DMARC Assistance
  2. The form will ask for a copy of the email message and from where the message(s) are being sent, such as a 3rd party vendor or if its an internal system
  3. The Email Security Team will contact and work with you and/or the vendor on configuring the mail systems involved to send DMARC compliant messages

 

Notes

  • For more information about DMARC in general, visit the IT Services DMARC web page

 

Details

Article ID: 148834
Created
Thu 1/26/23 4:07 PM
Modified
Wed 1/17/24 12:31 PM
Can you resolve this issue yourself?
Yes! This is self-service with a smile.
Supported Office or Community
University Community of Students, Staff, and Faculty