LISTSERV - NOTICE_GENERAL Archives

NOTICE_GENERAL Archives

Notice_General

NOTICE_GENERAL@LISTS.ERCOT.COM

	LISTSERV Archives
	NOTICE_GENERAL Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show HTML Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	M-A031419-01 ERCOT Implementation of a DMARC “Reject” Policy
From:	ERCOT Client Services <[log in to unmask]>
Date:	Fri, 15 Mar 2019 15:33:13 +0000
Content-Type:	multipart/alternative
Parts/Attachments:	text/plain (3151 bytes) , text/html (8 kB)

***** EXTERNAL email. Please be cautious and evaluate before you click on links, open attachments, or provide credentials. *****

NOTICE DATE:  March 14, 2019
NOTICE TYPE:  M-A031419-01 General
SHORT DESCRIPTION:  ERCOT Implementation of a DMARC “Reject” Policy
INTENDED AUDIENCE:  Market Participants
DAY AFFECTED:  April 1, 2019

LONG DESCRIPTION:  In October 2017, the United States Department of Homeland Security (DHS) issued Binding Operational Directive BOD-18-01 – Enhance Email and Web Security<https://urldefense.proofpoint.com/v2/url?u=https-3A__cyber.dhs.gov_bod_18-2D01&d=DwIF-g&c=trp9rTvIdyEWh1VWB5x8_2JiPaB5oGZOtWPDws2_VoY&r=oHd46Wz8LigrpHwi5AJCCXH7a9wndoeaNfDwmksuzDk&m=nP18eywZxD6HirsHKQ3nebuwYmNDAK5fOHc9TtS_cHs&s=-ZwhE6sYHNYuNLfrueDgCojs2Y3ur69Q5AbXeprtoxo&e=>, requiring federal entities to implement email authentication technologies to prevent the transmission of email that fraudulently uses a federal domain.



Although ERCOT is not subject to the requirements of BOD-18-01, in an effort to ensure that only legitimate ERCOT emails reach their intended recipients, ERCOT will begin using a Domain-Based Message Authentication (DMARC) practice to reject emails that do not pass a verification test. This change will become effective April 1, 2019. DMARC is an email authentication/validation, policy and reporting practice designed to detect and prevent the distribution of fraudulent and/or deceptive emails.



In 2018, several million fraudulent and/or deceptive emails were sent using the @ercot.com domain. ERCOT’s practice will authenticate/validate outgoing emails from the @ercot.com domain, and will prevent any such emails that fail ERCOT’s DMARC test from reaching any intended recipient that has a DMARC practice in place.



ERCOT encourages Market Participants to adopt a DMARC practice to help protect their own domains and systems from fraudulent and/or deceptive emails.



ADDITIONAL INFORMATION: Please see the DMARC<https://urldefense.proofpoint.com/v2/url?u=https-3A__dmarc.org_&d=DwIF-g&c=trp9rTvIdyEWh1VWB5x8_2JiPaB5oGZOtWPDws2_VoY&r=oHd46Wz8LigrpHwi5AJCCXH7a9wndoeaNfDwmksuzDk&m=nP18eywZxD6HirsHKQ3nebuwYmNDAK5fOHc9TtS_cHs&s=KEKwNuQv0ImWXJbeEk3GbEcKRHYc-DYtEvL_xMqDRdo&e=> website for more information.  To determine whether a particular domain uses a DMARC practices use the DMARC Inspector<https://urldefense.proofpoint.com/v2/url?u=https-3A__dmarcian.com_dmarc-2Dinspector_&d=DwIF-g&c=trp9rTvIdyEWh1VWB5x8_2JiPaB5oGZOtWPDws2_VoY&r=oHd46Wz8LigrpHwi5AJCCXH7a9wndoeaNfDwmksuzDk&m=nP18eywZxD6HirsHKQ3nebuwYmNDAK5fOHc9TtS_cHs&s=en2qbtHERRlQqLb5_NJkrcuRCKraLZXQZhSa8_XHUGI&e=> search tool.



CONTACT: If you have any questions, please contact your ERCOT Account Manager. You may also call the general ERCOT Client Services phone number at (512) 248-3900 or contact ERCOT Client Services via email at [log in to unmask]<mailto:[log in to unmask]>


If you are receiving email from a public ERCOT distribution list that you no longer wish to receive, please follow this link in order to unsubscribe from this list: http://lists.ercot.com.

mm

ATOM RSS1 RSS2

lists.ercot.com