Parked domains are domains that have been registered but are not actively being used for sending (legitimate) email. Businesses will often register domains and keep them disused to protect their brand. These are often overlooked in cybersecurity strategies however, failing to secure these domains can lead to brand damage if they are used to launch email spoofing attacks. These attacks can be used to perpetrate fraud against your organisation, customers or suppliers.
Update: VerifyDMARC has launched new Parked Flag and Auto Park features to streamline parked domain management, lean more in this blog post.
Any domain that you are sure is not used to send legitimate email can be configured with a simple DMARC reject policy and a blank SPF Record. This informs recipient mail servers that there are no authorised mail senders and to reject any emails that are addressed from the domain.
If you are not 100% sure if a domain has a legitimate business reason to be sending email, you should collect DMARC reports before moving to an enforcement DMARC policy - that's where VerifyDMARC can help.
If you are confident the parked domain is not used to send legitimate email, in the domain's DNS manager configure two records:
Hostname: _dmarc.yourdomain.com
Type: TXT
Value: v=DMARC1; p=reject
Hostname: yourdomain.com
Type: TXT
Value: v=spf1 -all
The comprehensive solution is to collect and analyse DMARC reports from all domains, including parked domains. This can highlight if a domain is being abused or if someone in the organisation begins to use the domain for legitimate email and any subsequent DMARC compliance and deliverability issues.
VerifyDMARC offers generous domain limits on all plans, so you don't have to make the choice between security and budget constraints. The status alerts in the Dashboard highlight DMARC record misconfiguration, providing feedback to ensure DMARC records remain valid and secure over time.
Microsoft will reject mail that "does not meet the required authentication level". To fix this, you need a DMARC record, SPF and DKIM passing, plus SPF or DKIM alignment.
Learn how to stop email spoofing and improve delivery of order confirmations with DMARC. Implementation guide for Shopify, WooCommerce and Marketo.
We're excited to announce two new Insight reports designed to streamline multi-domain management: Sender Compliance Report and SPF Record Checker.