Overview of Phase 4
- Turn on DMARC in quarantine mode
- Target 3rd Party Bulk Mailers and remaining computers for transition to Google SMTP
- Finish eliminating unity.ncsu.edu implicit aliases
- Launch the SMTP -> Splunk Gateway for email-based logging
- Eliminate smtp.ncsu.edu relays
- Investigate the use of ARC
- Configure email infrastructure to meet ARC specifications
- Review additional mail domains for decommissioning
Turn on DMARC in quarantine mode
This change will be implemented on December 15th, 2021.
DMARC is a method to prevent email spoofing by providing an approved list of services/servers leveraging SPF or DKIM that are allowed to send as your domain and providing reporting when emails are sent using your domain’s addresses but not from approved infrastructure. SPF and DKIM have already been implemented for a number of services like Bronto, Qualtrics, and GMail itself. This phase will include analysis of the DMARC reporting data and Google email audit logs followed by communicating with campus constituents to identify and resolve current email DMARC validation issues. Once those validation issues are resolved and various email vendors and IT infrastructure is authorized appropriately, we will be changing our DMARC policy from “None” to “Quarantine”. This will indicate that mail systems (including Google) should mark any email that claims to be From an @ncsu.edu address that does not originated from authorized infrastructure as Spam. This will help defend against Spam and Phishing attacks and should improve mail delivery to inbox for appropriately authorized systems.
- May 18th, 2021 CITD Presentation on Email Security and DMARC
If you are responsible for a service that sends emails from @ncsu.edu accounts, please ensure that your service is appropriately authorized.
Our preferred mass email vendors are Bronto and Sendgrid. If you are looking to do mass mailings, please reach out to your IT staff or the NC State Help Desk (https://help.ncsu.edu) and we’ll be happy to help.