Date of analysis: 02/02/2025

Tunisia DMARC & MTA-STS Adoption Report 2025

According to the Global Organized Crime Index, cyber-attacks in Tunisia are increasing significantly. The cyber-attacks mainly target the industrial sector and lead to approximately millions of Tunisian dinars of losses a year. The Tunisian financial industry, on the other hand, enjoys a higher degree of protection from cyber-attacks compared to the government. As a result, Tunisia is now experiencing a significant increase in demand for local cybersecurity solutions. Studies predict that the cybersecurity market in Tunisia will possibly see a significant growth in revenue, reaching up to US$42.50m in 2025.

In this report, we will analyze Tunisia’s current cybersecurity posture. We will focus on studying the adoption levels of key email authentication protocols like DMARC, SPF, MTA-STS, and DNSSEC. Additionally, we will provide useful and actionable recommendations to help Tunisia improve its current security posture.

Download PDF Book a Demo

Assessing the Threat Landscape

PowerDMARC’s Tunisia DMARC and MTA-STS Adoption Report 2025 will focus on the following important issues:

To what extent has Tunisia correctly implemented SPF and DMARC?
To what extent does MTA-STS vary from one sector to another in Tunisia?
Which sectors in Tunisia enable DNSSEC?
What measures can the Tunisian government take to enhance its digital security posture?
Are some sectors more likely to become victims of cyber attacks than others?

Sectors Analyzed

Total domains analyzed: 522

Education
Finance
Government

Healthcare
Media

Telecommunications
Transport

What Do the Numbers Say?

Tunisia SPF Adoption Analysis

Tunisia DMARC Adoption Analysis

Tunisia MTA-STS Adoption Analysis

Tunisia DNSSEC Adoption Analysis

Key Findings

SPF adoption in Tunisia is relatively high. 76.44% of domains have correctly implemented SPF records, while 21.26% lack SPF records entirely.
DMARC implementation in Tunisia is low. Only 30.08% of domains have correctly implemented DMARC, and over 69.92% of domains have no DMARC record.
MTA-STS adoption in Tunisia is non-existent. 0.00% of domains have valid MTA-STS records and 100.00% of domains don’t implement it at all.
DNSSEC implementation in Tunisia is very low; Only 5.94% of domains have enabled DNSSEC, while 94.06% have not implemented it.

Sector-wise Analysis of Domains in Tunisia

Education

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The education sector in Tunisia shows the highest DMARC adoption rate among all sectors in Tunisia at 42.62%.
This sector was noted to have a strong preference for “Quarantine” DMARC policy at 31.15%, the highest among all sectors.
Demonstrates good SPF implementation; 75.41% of domains have correct records.
No domains in this sector have valid MTA-STS records. DNSSEC adoption is quite low at 3.3%.

Finance

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The finance sector in Tunisia exhibits the most balanced DMARC policy distribution, with equal percentages (9.35%) for both “Quarantine” and “Reject” policies.
Shows strong SPF implementation with 76.64% of domains having correct records.
Has a relatively low DMARC adoption rate of 32.71%.
MTA-STS adoption is non-existent in the finance sector. DNSSEC adoption is also quite low, at just 2.8%.

Government

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The government sector in Tunisia has the lowest DMARC adoption rate at 18.39%, with 81.61% of domains lacking DMARC records.
Shows the lowest correct SPF implementation at 67.82% among all sectors.
Demonstrates a low DMARC “Reject” policy usage at 3.45%.
DNSSEC is enabled for 6.9% of domains in this sector, while MTA-STS is completely absent.

Healthcare

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The healthcare sector in Tunisia has the highest rate of correct SPF implementation at 78% among all sectors.
Shows a balanced distribution between “None” and “Quarantine” DMARC policies, both at 14%.
Demonstrates a moderate DMARC adoption rate of 32%.
No domains in the healthcare sector have valid MTA-STS records. Only 4% of domains have enabled DNSSEC.

Media

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The media sector in Tunisia exhibits the highest correct SPF implementation at 84.07% among all sectors.
Shows the highest preference for “None” DMARC policy at 22.12%.
Has a relatively low DMARC adoption rate of 30.09%.
DNSSEC adoption is relatively higher in this sector, but still quite low at 8%. There are no MTA-STS records at all.

Telecommunications

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The telecommunications sector in Tunisia demonstrates the highest DNSSEC implementation at 16.67%, much higher than other sectors.
Shows a balanced DMARC policy distribution with the highest “Reject” policy usage at 7.14%.
Has a moderate DMARC adoption rate of 33.33%.
No domains in Telecommunications have valid MTA-STS records. DNSSEC adoption is quite higher than in other sectors, at 16.7%.

Transport

SPF Adoption Analysis

DMARC Adoption Analysis

MTA-STS Adoption Analysis

DNSSEC Adoption Analysis

Key Findings

The transport sector exhibits good SPF implementation. 75.81% of domains have correct records.
Shows a low DMARC adoption rate of 25.81%. 74.19% of domains lack DMARC records.
Demonstrates a preference for “None” DMARC policy at 14.52%.
Only 3.2% of domains in this sector have enabled DNSSEC. MTA-STS lacks completely.

Comparative Analysis Among Different Sectors

Comparative Analysis of SPF Adoption among Different Sectors in Tunisia

The adoption rate for SPF was highest in the Media sector of Tunisia. 84.07% of domains in this sector have correctly implemented SPF records. The Government sector showed the lowest rate of correct SPF implementation at 67.82%.

Comparative Analysis of DMARC Adoption among Different Sectors in Tunisia

DMARC adoption rates varied significantly across sectors in Tunisia. The Education sector led with the highest DMARC adoption rate of 42.62%. The Government sector was behind with (only 18.39%). The Finance and Telecommunications sectors showed moderate adoption rates of 32.71% and 33.33% respectively.

Comparative Analysis of MTA-STS Adoption among Different Sectors in Tunisia

The data shows that 100% of domains in every sector have not implemented MTA-STS.

Comparative Analysis of DNSSEC Adoption among Different Sectors in Tunisia

DNSSEC implementation was generally low. The Telecommunications sector showed the highest adoption rate at 16.67%. The Finance sector had the lowest DNSSEC adoption rate at 2.80%. Other sectors ranged between 3% and 7% adoption.

DMARC & MTA-STS Adoption Rates: Key Statistics for Tunisia

76.44% of Tunisian domains have correctly implemented SPF records. 21.26% do not have SPF records.
DMARC adoption is lower. Only 30.08% of domains have correct DMARC records. A substantial 69.92% of Tunisian domains still lack DMARC implementation.
Among domains with DMARC, the policy distribution is skewed towards less protective measures:
- 13.98% have a policy set to “none,” providing minimal protection.
- Only 4.79% have a “reject” policy, which offers maximum protection against email-based attacks.
- 11.30% use a “quarantine” policy, ensuring intermediate protection.

MTA-STS adoption is non-existent in Tunisia. 100% of Tunisian domains lack this important layer of email security.
DNSSEC implementation is very limited. Only 5.94% of domains have it enabled, while a vast majority of 94.06% have it disabled.

Critical Errors Organizations in Tunisia Are Making

SPF-Related Errors
While the SPF adoption rates are rather high in Tunisia, there are many errors that organizations in Tunisia make. These include:
- SPF records that do not comply with the 10 DNS lookup limit
- SPF records that exceed the SPF void limit of 2
- Errors related to the DNS record syntax and configuration.
DMARC Implementation Drawbacks
Many domains in Tunisia use highly permissive DMARC policies such as “none.” “reject” policy implementation, on the other hand, is quite low. The “none” policy provides no protection and makes these domains vulnerable to cyber threats.

Syntax and configuration errors are also common factors affecting proper DMARC implementation for most domains.

Lack of MITM Attack Protection
MTA-STS adoption is non-existent across all sectors in Tunisia. All domains lack this important security measure. This means that there is no adequate TLS encryption for inbound email delivery to a domain, which leaves communications vulnerable to Man-in-the-middle attacks.
Lack of DNS Attack Protection
DNSSEC adoption rates are generally low but vary among sectors, indicating a lack of security against DNS attacks.

How Can Organizations in Tunisia Improve Email Security & Deliverability?

Organizations in Tunisia can improve email security & deliverability by:

Increasing SPF adoption, particularly in the government sector where it’s the lowest.
Staying within the 10 DNS lookup limit for SPF
Using stricter DMARC policies (like “quarantine” or “reject”) across all sectors.
Going beyond just DMARC to implement BIMI and MTA-STS across all sectors to enhance email transport security.
Enabling TLS-RPT to support MTA-STS implementation, and monitor deliverability reports.
Improving DNSSEC adoption among all sectors
Ensuring SPF and DMARC records do not contain syntactical or configuration errors by using managed email authentication services and automated solutions.
Enabling DMARC reporting to monitor email deliverability regularly, and troubleshoot errors as and when they arise.
Following email authentication best practices or relying on a managed DMARC solution with a team of experts to handle email authentication on their behalf.

PowerDMARC provides a wide range of email authentication SaaS services, combining DMARC, SPF, DKIM, BIMI, MTA-STS, and TLS-RPT hosted. This makes email authentication adoption easy for even non-technical users. So far we have helped 100,000+ domains including MSPs, MSSPs, organizations, and governmental entities, identify and prevent cyberattacks before it was too late!

If professional guidance is what you need for configuring email authentication and preventing domain abuse and impersonation, PowerDMARC is for you!

Contact the PowerDMARC team at [email protected] to explore our pricing schemes to protect your next email from yet another hacker!

Ready to prevent brand abuse, scams and gain full insight on your email channel?

Start 15-day trial Book a demo

Tunisia DMARC & MTA-STS Adoption Report 2025

Assessing the Threat Landscape

Sectors Analyzed

What Do the Numbers Say?

Sector-wise Analysis of Domains in Tunisia

Comparative Analysis Among Different Sectors

Comparative Analysis of SPF Adoption among Different Sectors in Tunisia

Comparative Analysis of DMARC Adoption among Different Sectors in Tunisia

Comparative Analysis of MTA-STS Adoption among Different Sectors in Tunisia

Comparative Analysis of DNSSEC Adoption among Different Sectors in Tunisia

DMARC & MTA-STS Adoption Rates: Key Statistics for Tunisia

Critical Errors Organizations in Tunisia Are Making

SPF-Related Errors

DMARC Implementation Drawbacks

Lack of MITM Attack Protection

Lack of DNS Attack Protection

How Can Organizations in Tunisia Improve Email Security & Deliverability?

Ready to prevent brand abuse, scams and gain full insight on your email channel?

Tools

Product

Company