Starting 24 March 2025, the NCSC will be discontinuing DMARC aggregate reporting as part of a broader strategy to expand Mail Check services to all UK-based organisations while managing costs and complexity.

Understanding the Mail Check Changes

The NCSC has confirmed that Mail Check will continue to provide essential security checks, including:

• DMARC policy, policy strength and errors
• SPF policy, effectiveness and errors
• MTA-STS policy, policy strength and errors
• Inbound TLS (certificate validity, encryption ciphers)
  
  

However, support will cease for several critical components:

• DMARC aggregate reporting
• DMARC insights
• DKIM checks
• TLS reporting (TLS-RPT)
  
  

As cyber threats become increasingly sophisticated, these changes raise important considerations for public sector organisations that rely on comprehensive email security monitoring.

The Critical Role of DMARC Reporting

DMARC (Domain-based Message Authentication, Reporting and Conformance) reporting isn't merely an optional add-on—it's a fundamental component of a robust email security strategy. Here's why reporting capabilities remain essential:

Continuous Protection Against Evolving Threats

Without continuous monitoring and reporting, organisations can't effectively track emerging threats or identify potential vulnerabilities in their email infrastructure. As threat actors rapidly adapt their techniques, static security measures quickly become outdated.

Preventing Security Drift and System Failures

Email systems are dynamic, with frequent changes to configurations, updates to services, and modifications to sending infrastructure. Without proper reporting, security "drift" can occur where previously compliant systems gradually become vulnerable. For organisations operating at DMARC enforcement levels, this can result in legitimate emails being blocked—potentially disrupting critical communications.

Compliance with UK Government Standards

DMARC reporting is integral to meeting the requirements outlined in the Cyber Assurance Framework (CAF), which is mandatory for UK government organisations. The framework specifically requires:

• Management of security risks
• Protection against cyber attacks
• Implementation of detection tools for cybersecurity events
• Minimisation of incident impact
  
  

Additionally, the NCSC advises organisations to develop capabilities for detecting common cyber attacks and to maintain defined response plans for security incidents.

Transition Solutions for Public Sector Organisations

At Altiatech, we're offering impacted organisations a free assessment to help navigate this transition and implement alternative solutions.

Best Practices Moving Forward

As public sector organisations adapt to these changes, here are recommended best practices to maintain robust email security:

1. Implement Alternative DMARC Reporting Solutions

Consider partnering with specialised security providers like Altiatech that offer comprehensive DMARC reporting and analysis.

2. Maintain Continuous Monitoring

Email security is never a "set and forget" solution. Regular monitoring is essential to identify and address potential vulnerabilities before they can be exploited.

3. Conduct Regular Security Audits

Periodic security audits help ensure that email configurations remain compliant with best practices and regulatory requirements.

4. Stay Informed About Security Standards

As email security standards evolve, organisations should remain informed about new recommendations and requirements from entities like the NCSC.

Conclusion

The upcoming changes to the NCSC's Mail Check service represent a significant shift for UK public sector organisations. While the core security checks will remain available, the discontinuation of DMARC reporting capabilities necessitates a proactive approach to maintaining robust email security.

By implementing alternative reporting solutions and following best practices for email security, organisations can continue to protect themselves against evolving cyber threats while meeting regulatory requirements.

For more information about how Altiatech can support your organisation through this transition, contact our team at innovate@altiatech.com or call 0330 332 5482.