Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios Pro Rata

Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Austin news?

Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Atlanta news?

Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Philadelphia news?

Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Chicago news?

Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top DC news?

Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Mike Clarke / AFP via Getty Images

A year ago, the Department of Homeland Security gave nearly all civil federal agencies 12 months to adopt an email security standard that prevents email fraud. In data as recent as Monday, 2 sets of researchers show that between a quarter and a half of those agencies' web domains failed to meet the Tuesday deadline.

Why it matters: Email was not designed to check whether a message claiming to be from an email address actually came from that address, and that's a big gap. Just imagine how much chaos an attacker could cause by sending fraudulent emails messages from "evacuation-warnings@EPA.gov." When properly set up, DMARC plugs that security hole.

Details: DMARC (formally Domain-based Message Authentication, Reporting and Conformance) lets email programs check if a server sent a message. If not, DMARC can instruct it to reject the message, send the message to spam or do nothing out of the ordinary.

  • "It's a common sense security measure, and it makes no sense to allow criminals to send fake emails," said Patrick Peterson, executive chairman and founder of email security firm Agari.

Homeland Security gave agencies until Tuesday to implement the reject option.

  • Intelligence and defense agencies were exempt and, according to a study by the security advocacy group the Global Cyber Alliance and Agari, almost entirely did not comply.

By the numbers: Of 1315 federal web domains checked Monday morning, email security company ValiMail determined only 57% had met the federal mandate. In the more formal study by the Global Cyber Alliance and Agari, a different sample of 1144 sites found that 74% had complied. That leaves between 26% and 43% that have not.

  • Agari found more distinct sites that met the mandate and VailMail found more distinct sites that didn't. Based on those findings, at least 851 comply with the mandate and at least 564 did not.

Some extremely big-name agencies fall far short on DMARC, according to the Global Cyber Alliance / Agari study.

  • 13 out of 25 —more than half — of the tested domains run by the Executive Office of The President (colloquially known as the White House) had not implemented DMARC. Another 3 of the domains implemented DMARC without setting it to reject email.
  • Just under half of the Department of Commerce domains (25 out of 52) had not implemented DMARC.
  • Amtrak's lone domain had not implemented it, either.

ValiMail CEO Alex Garcia-Tobar notes that the results of his group’s work are encouraging and disappointing at the same time.

  • "The government has made amazing progress — going from 4% last year to over 50% this year. I've never seen them work this quickly on a security project," he said.
  • On the other hand, the unimplemented systems could be a real problem, Garcia-Tobar said. "Anything less than 100%, agencies are wide open to impersonation."

Don't forget: Not all compliant domains are created equal. Valimail found the compliance rate was, for example, much higher in domains that did not send out emails than in the ones that did.

  • "It’s much harder to put rules in place for domains that send emails than ones that don't," said Garcia-Tobar.

Go deeper

Mike Allen, author of AM
2 hours ago - Politics & Policy

First look: Anita Dunn advises Dems on economy message for '22

Signs from a President Biden event yesterday in Kansas City, Mo. Photo: Chase Castor/Bloomberg via Getty Images

In a midterm preview, top Democratic strategist Anita Dunn advises the party's House and Senate members to frame Republicans "as being against the economic interests of working Americans."

What she's saying: "Explicitly framing Republicans as opposing policies to lower costs does better than simply framing Republicans as the 'party of no,'" Dunn, White House senior adviser until August, writes in the memo.

JPMorgan: "Full global recovery" in 2022

Photo: Erik McGregor/LightRocket via Getty Images

JPMorgan Chase Global Research says in a forecast to clients: "2022 will be the year of a full global recovery, an end of the global pandemic, and a return to normal conditions we had prior to the COVID-19 outbreak."

The big picture: The bullish report sees "a return of global mobility, and a release of pent-up demand from consumers (e.g. travel, services)."

Inside Trump's hunt for "disloyal" Republicans

Illustration: Aïda Amer/Axios

Donald Trump and his associates are systematically reshaping the Republican Party, working to install hand-picked loyalists across federal and state governments and destroy those he feels have been disloyal, sources close to the former president tell Axios.

Why it matters: If most or all of Trump’s candidates win, he will go into the 2024 election cycle with far more people willing to do his bidding who run the elections in key states.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!