Red Sift integration – Help Center

Meet Red Sift

Red Sift's cloud-based DMARC application, OnDMARC, enables you to configure SPF, DKIM, BIMI, and DMARC for all legitimate email sources in weeks. Protect your organization against business email compromise, phishing, and email impersonation.

Red Sift provides thirteen types of informational and positive signals in SecurityScorecard, based on DMARC, SPF, and BIMI protocols:

Note: Informational and positive signals do not impact your Scorecard score.

Domain protected by DMARC

This domain is protected by DMARC against exact impersonation.

No DMARC aggregate reports are being inspected

This domain is protected by DMARC, but reports are not being analyzed. Some legitimate email traffic may be blocked without your knowledge.

No DMARC forensic reporting is being inspected

This domain is protected by DMARC, but forensic reports are not being analyzed. Forensics contain important information for investigating misconfigurations and email attacks.

Domain not protected by DMARC

This domain is not protected by a strong DMARC policy, meaning your organization is vulnerable to business email compromise, ransomware, and phishing attacks. A malicious party can also impersonate your domain to target individuals within your customer base and supply chain.

DMARC record error

This DMARC record contains errors, so the domain is not protected from impersonation and phishing attacks.

SPF record found

No issues are currently identified with the SPF record for this domain. This does not guarantee that all email domains and sending sources are authenticated, or that the SPF lookup limit will not be exceeded in the future, which can impact deliverability.

SPF record exceeds the maximum number of lookups

An SPF record with too many lookups will impact the delivery of legitimate mail, especially with legacy receiving mail systems, or if the domain is at DMARC enforcement.

SPF record error

An SPF record with errors can impact the delivery of legitimate mail, especially with legacy receiving mail systems, or if the domain is at DMARC enforcement.

SPF record not found

No SPF record was found for this domain. All email sources could be failing authentication. A domain with no SPF record may experience email delivery failures, especially with legacy receiving mail systems, or if the domain is at DMARC enforcement.

BIMI deployed with VMC

This domain has BIMI deployed with a VMC that ensures the legal ownership of its logo.

BIMI record without a VMC

This domain has a BIMI record but does not contain a VMC to ensure legal ownership of its logo. Some email providers will not process this BIMI record.

BIMI record error

This domain's BIMI record has an error, and it is being ignored by email receivers.

No BIMI record

This domain has no BIMI record. BIMI is a reward for a domain protecting itself with DMARC, and allows you to display your trademarked logo in a mail client.

Set up the integration

If you are SecurityScorecard customer, you can install the app in seconds.

Select Marketplace from the top menu in the SecurityScorecard platform.
On the Marketplace page, start typing Red Sift in the search box and then select Red Sift to go to the installation page.
View a description of the app, and click Install.

Installation completes in seconds with no additional prompts or messages.

Find Red Sift signals in the Scorecard

You can view any available Red Sift signals on your own Scorecard or any Scorecard you follow:

Click the Scorecard tab, and select the DNS Health or Social Engineering factors. Any available Red Sift signals appear in an Informational or positive section for that factor.

or

Click the Issues tab in the Scorecard. Any available Red Sift signal appears with their logo in the informational or positive rows of the table.
Click the signal to see an overview of your identified issue, the associated risk, recommendations for steps to take, and reference links for additional information or guidance.
Scroll down for observation dates.

Take action on Red Sift signals

Red Sift’s signals identify email authentication issues to be addressed and opportunities for improvement. To address these issues, you can subscribe to Red Sift's OnDMARC service and automate the DMARC implementation and enforcement process:

Leverage the auto-classification of legitimate email senders from OnDMARC's database, and start enforcing DMARC enforcement in four to eight weeks.
Surface bad senders with threat intelligence. OnDMARC's Threat Intelligence automatically identifies and contextualizes threats to help you block them faster.
Manage SPF, DMARC, DKIM, and BIMI from inside OnDMARC’s interface instead of going back to your DNS provider.

Acronym glossary for this article

BIMI

Brand Indicators for Message Identification: A new, industry standard that will apply brand logos as indicators alongside authenticated emails to help people avoid fraudulent email

DKIM

DomainKeys Identified Mail: A protocol used to sign different header fields and the body of an email in order to authenticate the sending domain and prevent message modification during transit

DMARC

Domain-based Message Authentication, Reporting & Conformance: An email authentication protocol designed to enable email domain owners to protect their domain from unauthorized use, commonly known as email spoofing.

SPF

Sender Policy Framework: An email authentication method designed to detect the forging of sender addresses during the delivery of the email

VMC

Verified Mark Certificate: A digital certificate that validates the authenticity of a BIMI logo

Learn more

See a video on using OnDMARC to block phishing and Increase email deliverability.
See Red Sift's onDMARC Help Center.
Get additional information about using Red Sift's OnDMARC application.

Get Help

If you need help or have questions about the integration, contact the Red Sift support team.

In this article: