Blog Article

  • 23 January 2025
  • 8 minutes read
Author Profile Picture
  • Edward Carroll
  • DMARC Advocate

DMARC updates in the UK NCSC Mail Check platform

Padlocks Secure A Digital Network, Representing Dmarc As A Strong Cybersecurity Protection.

The UK National Cyber Security Centre (NCSC) announced an update to its Mail Check tool starting 24 March 2025. The NCSC will remove multiple key features, including Domain-based Message Authentication, Conformance, and Reporting (DMARC) aggregate reporting, DMARC insights, DomainKeys Identified Mail (DKIM) checks, and Transport Layer Security Reporting (TLS-RPT).

The technical authority aims to scale Mail Check to support a wider range of UK organizations, reduce the cost and complexity of the platform, and potentially provide more services in the future. Removing these features leaves those using NCSC’s tool unable to monitor trends and identify potential issues.

Why DMARC reporting matters

DMARC reporting is a fundamental part of email security for organizations, especially in the public sector. It provides essential data on email authentication, configuration issues, and domain attack attempts. Without DMARC aggregate reporting, domains’ risk of falling victim to phishing, spoofing, and other email-based attacks increases.

Plus, DMARC aggregate reporting makes maintaining compliance with the Cyber Assessment Framework (CAF) and other email security guidelines easier.

Mail Check will still monitor DMARC policies, Sender Policy Framework (SPF) policies, Mail Transfer Agent Strict Transport Security (MTA-STS) policies, and inbound TLS configurations. For DMARC aggregate reporting, DMARC insights, DKIM checks, and TLS-RPT, organizations need to use alternative tools.

DMARC adoption in the UK

The first DMARC specification was published in 2012 to help domain owners prevent unauthorized use of their domains.

In June 2016, the UK government mandated DMARC adoption for all government departments to safeguard against email spoofing and phishing, with these departments requiring a published DMARC policy by the start of October of that year.

Less than two years later, the NCSC also discussed DMARC usage, recommending all UK businesses implement the protocol to reduce the chance of a successful phishing attack. The organization then introduced Mail Check, a part of its Active Cyber Defense program, to assist with email security configuration and reporting.

With the recent platform update announcement, Mail Check users have the opportunity to reevaluate their email security strategies and adopt tools that provide enhanced functionality and support. At Sendmarc, we’re ready to fill the gap with powerful DMARC reporting and management solutions.

Explore Sendmarc’s DMARC solution

Sendmarc offers a seamless transition for organizations affected by the Mail Check changes. Our DMARC management platform provides:

  1. Aggregate (RUA) & forensic (RUF) DMARC reports

    Transform raw XML data into actionable insights on your dashboard
  2. Comprehensive monitoring
    
Stay ahead of threats with real-time alerts and gain full visibility into your email traffic
  3. Compliance support

    Our DMARC solution helps meet compliance requirements with local and international standards
  4. Proactive domain protection

    Block unauthorized use of your domains and reduce the chance of a damaging phishing or spoofing attack
  5. User-friendly management tools

    Simplify your DMARC implementation and ongoing management with easy-to-use tools
  6. World-class technical support
    Our people are experts in all things email authentication and security and are committed to making the Internet a safer place for everyone

Upgrade your DMARC management platform

Without DMARC reporting, domain owners’ visibility of their email environments decreases, which can make them more vulnerable to cyberthreats. Using security measures, including adopting reporting and monitoring tools, is essential to maintain defenses and compliance.

Sendmarc is committed to helping UK organizations navigate these changes. With our expertise in all things DMARC, we’ll help ensure your domains have the necessary precautions in place and are compliant.

Don’t wait until 24 March 2025 to secure your company’s email domains. Contact Sendmarc today to explore our DMARC management platform and ensure a smooth transition from Mail Check.

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest articles

All articles
Shield with an email icon, showing how DKIM helps guard emails against alteration.
  • 11 minutes read

Simplifying DomainKeys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM) doesn’t have to be difficult. Learn how to enhance email authenticity and protection with our DMARC management platform.
Read more
  • 10 minutes read

Understanding Sender Policy Framework (SPF)

Discover what Sender Policy Framework (SPF) is, how the technology works, and Sendmarc’s role in managing the cybersecurity solution.
Read more
  • 9 minutes read

Why Sendmarc decided to enforce Single Sign-On (SSO)

Discover why Sam Hutchinson, co-founder of Sendmarc, implemented Single Sign-On (SSO) and how it boosts security, streamlines access, and improves efficiency.
Read more
Sendmarc logo in white on a transparent background
certification badge for ISO/IEC 27001:2022
G2 High Performer Badge - Winter 2025

How secure is your brand name from email scammers?

If you’re at risk of impersonation, one of our experts will be in touch to assist.

Linkedin-in Youtube X-twitter Facebook-f

Platform & Services

Company

Platform & Services

Resources