The Executive Office of the President isn’t complying with the DMARC protocol, but that has fewer implications than some headlines would suggest.
This year, US agencies rushed to implement Domain-based Message, Authentication, Reporting and Conformance (DMARC) protocols by a deadline mandated by the Department of Homeland Security. So, when the Global Cyber Alliance published research that 18 email domains managed by the Executive Office of the President were not using DMARC after that deadline had passed, the reaction was to lament the slow-moving agencies and criticize them for leaving their employees vulnerable to phishing attacks.
