Agari's Nasty Secret

The first partner company listed on Agari's website (see it for yourself here) is CISCO. Cool. CISCO is protected by Agari, right? Just look at their DMARC record. Ooooooh, wait a freaking minute! That little "pct=0" really says "Just Kidding!" For those of you CISOs who wouldn't know DMARC from a double hernia, the "pct" tag specifies the percentage of messages from a domain's mail stream that will be checked to see if they pass authentication. Which means that CISCO is NOT protected from impersonation attacks. Which eliminates any benefit DMARC provides.

Notice in the above CISCO record that "p=quarantine; pct=0" instructs that the quarantine policy will be applied to zero percent of the domain's message flow.

My own DMARC setting says it all: "profanity=100"



Popular Posts