Mail Check: Navigating the new changes

Executive Summary: The NCSC’s upcoming changes to Mail Check services, including the discontinuation of DMARC aggregate reporting, necessitate that organisations find alternative solutions to maintain robust email security.​

This article:

  • Explains the National Cyber Security Centre’s (NCSC) proposed updates to Mail Check services and what this means for UK public sector organisations.​
  • Notes the discontinuation of DMARC aggregate reporting and its implications.
  • ​Advises organisations to seek alternative solutions for DMARC reporting, such as Red Sift OnDMARC.

Introduction

The National Cyber Security Centre (NCSC) recently proposed updates to its Mail Check coming into effect on 24 March 2025. As the service evolves to focus on accessibility and scalability, some of the features that UK public sector organisations relied on will no longer be available, including DMARC aggregate reporting.

To help make sense of this shift, we recently held a webinar with former NCSC founder and CEO, Ciaran Martin, and Red Sift’s CEO, Rahul Powar, to discuss how public sector organisations can understand, adapt and find solutions to simply any transition brought on by the updates. 

Watch the full recording:

How is Mail Check changing in 2025? 

Ciaran explained that the UK faced significant cybersecurity challenges, including widespread digital pollutants left unaddressed and millions of websites harbouring malicious code. To tackle these issues, Mail Check was developed as part of the Active Cyber Defense Initiative, providing public sector organisations with tools to implement key email security protections like DMARC, SPF, DKIM, and TLS

Now that both public and private sector organisations are maturing and adopting effective email security measures, Mail Check is phasing out some of its services, including:

  • DMARC aggregate reporting: A vital monitoring tool to protect against unauthorised use of domains while managing and identifying new senders
  • DMARC and DKIM insights: Key to identifying and resolving encryption issues, helping to avoid deliverability challenges.
  • TLS reporting (TLS-RPT): Essential for ensuring email authenticity and secure communication.
“We’ve seen a maturity in organisations in the private sector to create and enable solutions and a maturity within government organisations to use and deploy these tools.”

Billy McDiarmid

Senior Director, Sales Engineering at Red Sift

No more DMARC reporting? What’s the big deal? 

The primary purpose of DMARC reporting is to establish genuine authentication for outbound email, ensuring continuous monitoring and blocking illegitimate senders, explained Rahul. DMARC allows you to receive reports from email receivers (like Gmail and Yahoo) about the emails they’re receiving from your domain. 

These reports provide a wealth of information including:

  • Oversight into which IP addresses are sending emails on behalf of your domain
  • Enhanced  visibility into authentication and detailed feedback on SPF and DKIM reliability
  • A clearer understanding of DMARC failure, helping to identify and address issues. 

Failure to comply leaves you vulnerable

We don’t like to dwell on the negatives, but falling out of DMARC compliance can expose  public sector organisations and individuals to significant risks, including:

  • Domain phishing and spoofing: Without visibility into who is sending on your behalf, your domain can be spoofed, resulting in extensive financial and reputational damage.
  • Regulatory violations: Non-compliance with  regulatory frameworks like the Cyber Assessment Framework (CAF) and PCI-DSS 4.0
  • Email delivery issues: Legitimate emails may be blocked or misrouted, especially for businesses in p=reject, caused by misaligned systems or stricter sender authentication.

Red Sift is ready to support you

To address the upcoming changes to Mail Check, the NCSC advises affected departments to transition to alternative tools that support DMARC implementation. As Rahul confirmed, Red Sift is stepping in to support organisations during this transition, offering an extended free trial of its Red Sift OnDMARC application through to 31 March 2025, extending beyond Mail Check’s service end date.

“We make it easy to do the basic things correctly, so we can all get on with our day.”

Rahul Powar

CEO, Red Sift

With Red Sift OnDMARC, users gain a comprehensive alternative to Mail Check, providing equivalent reporting capabilities enriched with deeper data insights and continuous monitoring. The platform also includes TLS reporting and simplifies the adoption of emerging requirements like MTA-STS with a one-click deployment feature, streamlining policy hosting and management for enhanced email security.

See how we compare:

A trusted leader in the field

As the UK public sector’s trusted security partner, Red Sift is already providing monitoring for 6300 domains across Central Government, Devolved Nations, Blue Light, the NHS and many more. In addition, 70% of London borough councils trust Red Sift OnDMARC as their DMARC provider, with 70% of their combined domains having already achieved a DMARC status of p=reject.  

With Red Sift OnDMARC, organisations can protect against harmful attacks like phishing and Business Email Compromise (BEC), while benefiting from partnering with:

  • A G2 leader in the DMARC category 
  • An industry leading customer success team
  • The only UK-based DMARC provider on G-Cloud 14
  • UK head-quartered with UK data residency
  • ISO 27001 and Cyber Essentials certified

Ready to get started? Speak to the team today and begin your free extended trial

PUBLISHED BY

Jack Lilley

15 Jan. 2025

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
DMARC

400,000 DMARC boost after Microsoft’s high-volume sender update

Jack Lilley

Microsoft’s decision to join Google and Yahoo in enforcing stricter rules for high-volume senders has triggered an immediate response across the internet. In the last 30 days alone, 406,042 new domains have deployed Domain‑based Message Authentication, Reporting & Conformance (DMARC), pushing the global total to 10.9 million. While not all domains will be exclusive Outlook users,…

Read more
DMARC

Red Sift partners with Gradian to strengthen email security through OnDMARC

Jack Lilley

Today Red Sift launches a new partnership with Gradian, a leading data protection provider, to offer its award-winning applications, including Red Sift OnDMARC, to new and existing customers. Established through Red Sift’s relationship with UK distributor E92plus, the two companies look to strengthen defences against phishing and Business Email Compromise (BEC) attacks. Allowing organisations…

Read more
Cybersecurity

DMARCbis: What are the changes and how to be ready

Jack Lilley

Executive Summary: DMARCbis, also known as DMARC 2.0, is the forthcoming update to the DMARC email authentication protocol, designed to address limitations and ambiguities in the original standard, with an expectation to be finalized and published in 2025. The update introduces clearer guidelines, a new method for determining organizational domains, and streamlined record management.…

Read more
Certificates

TLS certificates are changing: What you need to know

Jack Lilley

Executive summary: TLS certificates are about to get significantly shorter-lived. Starting 15 March 2026, newly issued public-trust certificates will max out at 200 days—and just three years later, that lifespan drops to 47 days. Backed by Google, Apple, and Mozilla, this shift aims to make the web safer through fresher data, faster failover, and…

Read more