The National Cyber Security Centre (NCSC) is modifying Mail Check services to discontinue certain features, such as DMARC aggregate reporting, while continuing others. These changes aim to expand Mail Check’s accessibility to all UK-based organisations and manage service complexity and costs. Public sector organisations relying on Mail Check for DMARC aggregate reporting should seek an alternative service provider before 24 March 2025.
Without adopting an alternative provider, such as Red Sift OnDMARC, security teams risk being exposed to phishing and spoofing attempts, Business Email Compromise (BEC) attacks, and misconfigured security. The main changes and what to expect include:
- Discontinuation of DMARC aggregate reporting: Mail Check will no longer provide DMARC aggregate reporting, which has been essential for monitoring unauthorized use of domains and identifying potential email-based threats.
- Cessation of DMARC insights and DKIM checks: The service will stop offering DMARC insights and DomainKeys Identified Mail (DKIM) checks, tools crucial for diagnosing and resolving email authentication issues.
- End of TLS reporting (TLS-RPT): Mail Check will discontinue Transport Layer Security Reporting, which has been used to monitor and ensure the security of email transmissions.
After 24 March 2025, Mail Check will continue to assess DMARC policies, SPF policies, MTA-STS policies, and inbound TLS configurations.
Don’t take a risk on compliance
If UK public sector organisations fail to adopt a new service provider following the upcoming changes to Mail Check, they could face several serious consequences:
- Compliance and regulatory risks
Many UK public sector organisations must comply with NCSC guidelines, GDPR, and the Cyber Assessment Framework (CAF) and PCI-DSS 4.0. Without DMARC aggregate reporting, organisations risk non-compliance, leading to potential fines, audits, or reputational damage due to lack of full visibility into outbound email communications.
- No DMARC aggregate reporting: No visibility
Without DMARC aggregate reporting and insights, organisations will lose visibility into unauthorized use of their domains. This makes it easier for cybercriminals to impersonate government entities, send fraudulent emails, and launch BEC attacks.
- Lack of threat intelligence and incident response capabilities
The discontinuation of TLS-RPT and forensic DMARC insights means organisations will lose access to crucial security data that helps detect threats in real-time. Without this visibility, responding to cyber incidents will be slower and less effective, increasing the risk of data breaches and operational disruptions.
Red Sift OnDMARC is here to help
The NCSC advises affected departments to transition to a solution that ensures continued DMARC implementation and ongoing support for the services Mail Check will no longer provide. To assist with this shift, Red Sift is offering an extended free trial, available beyond Mail Check’s service end date, running until March 31, 2025.
What’s the key difference?
Mail Check (after March) | Red Sift OnDMARC | |
DMARC Aggregate Reporting | ❌ | ✅ |
DMARC Insights & Forensic Reporting | ❌ | ✅ |
SPF & DKIM checks | ❌ | ✅ |
TLS Reporting (TLS-RPT) | ❌ | ✅ |
DMARC policy assessment | ✅ | ✅ |
SPF policy strength evaluation | ✅ | ✅ |
Inbound TLS configuration checks | ✅ | ✅ |
MTA-STS policy assessment | ✅ | ✅ |
Red Sift OnDMARC provides a seamless alternative, delivering the same essential reporting features as Mail Check while enhancing data insights for improved security oversight. Along with TLS reporting, OnDMARC simplifies the adoption of new security measures like MTA-STS, offering a one-click deployment to streamline policy management and hosting.
Start your Red Sift ONDMARC trial today and stay protected.
