Increased security of email notifications sent by Dynatrace with DMARC protocol

Most enterprises have experienced changes in their working conditions these past few months because of the COVID-19 pandemic. Notably, there’s been an increase in remote activities such as teleworking. Teleworking furthers a company’s reliance on email for communication, creating perfect conditions for email fraud schemes.

At Dynatrace, we’ve implemented the DMARC protocol for our email servers to prevent bad actors from spoofing Dynatrace emails. This significantly increases security and helps you place even more trust in Dynatrace as a company that delivers your business-critical email notifications.

What is the DMARC protocol?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in email-compromise attacks, phishing emails, email scams, and other cyber threat activities. We leverage DMARC to protect the dynatrace.com domain from unauthorized use, commonly known as email spoofing.

With the DMARC policy, we are saying to the recipient server, if the Sender Policy Framework (SPF) or the DomainKeys Identified Mail (DKIM) is not authenticated by Dynatrace, then route emails from @dynatrace.com to the trash, or reject them at a later stage. This prevents bad actors from spoofing our emails.

– Jozef Kancian, Security Analyst at Dynatrace

Starting with Dynatrace version 1.198, only authorized domains can send emails from dynatrace.com (and Dynatrace Managed customers can no longer send emails from this domain).

Seamless update of email notifications configuration

Whether you use Dynatrace SaaS or Managed, you’re already protected, as the DMARC policy is already in place. For Dynatrace Managed, we automatically update your configuration to ensure that notifications aren’t routed to the spam email folder. This configuration update takes place with the release of Dynatrace version 1.198.

For your SMTP server configuration, the Sender email address configuration property that is set to an address at dynatrace.com will be changed to an address at dynatrace-managed.com (noreply@dynatrace-managed.com). Additionally, if you use Mission Control to send email notifications, the sender address will be notifications-noreply@dynatrace-managed.com. If your SMTP server filters sender addresses based on predefined rules, be sure to update your configuration accordingly. You might also need to update your email client settings.

Feedback, questions?

If you have any questions related to this change, don’t hesitate to contact a Dynatrace ONE product specialist via in-product chat. Or visit us at Dynatrace Answers.

Stay updated