Skip links and keyboard navigation

DMARC Analysis service

Learn about the Domain-Based Message Authentication Reporting and Conformance (DMARC) Analyser service platform, delivered by Mimecast.

DMARC Analyser allows organisations to monitor their email channels with greater visibility, enabling them to see what emails are being sent from their domain, and identify how these emails will be authenticated, either as legitimate emails or as ‘spoofed’. Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust.

The implementation of DMARC, along with Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM), can increase the ability of receiving parties to identify the instances of an unauthorised party sending fake emails by masquerading as an agency’s domain name.

The DMARC service provides two key protections:

  • a method to block malicious emails being sent via an organisation’s domains to protect their clients and customers from spoofed domain messages and phishing attacks
  • processes and visualises DMARC data in ways that expose misconfiguration and unauthorized use of your email domains.

Watch a video overview of the DMARC Analyser provided by Mimecast for more details.

Using this service enables our organisations to meet their obligations as specified under the Information security policy (IS18:2018) and improve cyber security maturity.

Business benefits

  • Preventing the delivery of malicious emails impersonating your domains which could result in disruption of business operations and potential reputational damage to your organisation.
  • Promote trust and confidence in QLD Government agency communications by Improving the security of email recipients.

Technical capabilities

  • Visibility and governance across all email channels.
  • Publish a policy that instructs ISPs to deliver or delete emails.
  • Enable reporting of actions taken on email claiming to be from an organisation’s domain.

All government agencies and related bodies are eligible to access this service.

Entity Type

Eligibility

Cost

Queensland Government agencies

Eligible

No cost

Statutory bodies

Eligible

No cost

Local Government

Eligible

No cost

Government Owned Corporation (GOC)

Eligible

No cost

Complete the DMARC service request form to start onboarding this service or contact the Cyber Security Unit at cybersecurityunit@qld.gov.au to discuss the service and how we can assist you.

Visit Implement the DMARC Analysis service for instructions on how to set up and customise the service for your agency once you have access.

Visit the Australian Cyber Security Centre guide or the Mimecast website for more information on DMARC functions and best practice.