• by Ray Schultz , May 22, 2018

Valimail, a provider of an automated email authentication platform designed to prevent spoofing, has raised $25 million in a Series B investment round.

The round is led by Tenaya Capital, with participation from existing venture investors Shasta Ventures, Flybridge Capital Partners, and Bloomberg Beta. 

Valimail will use the money to fund global growth and expand its anti-impersonation services. It plans to “make our platform available worldwide,” states Alexander García-Tobar, co-founder and CEO of Valimail.

The firm uses such open standards as SPF, DKIM, DMARC (Domain-based Message Authentication, Reporting & Conformance) to prevent unauthorized senders from sending an email in a user’s name. Its clients include Yelp, Uber, Fannie Mae, Manulife and WeWork. 

Valimail, which has around 50 employees, has about 20 open positions and is hiring. According to a spokesperson, its Amazon Web Services infrastructure now has points of presence in EMEA and Asia as well as two locations in the U.S. (West coast and East).

The company's platform expansion involves facilitating future products for specific verticals as and address the Friendly From and similar domain problems. These issues arise when attackers use the "Friendly From" or a domain that is similar to, but not quite exactly, the one they're trying to spoof.

Valimail is able to isolate its European customers’ data in a European data center to comply with GDPR requirements.

Tenya Capital believes that “Valimail’s technology represents the perfect convergence of a huge need (stopping impersonation and restoring trust to email), a rapidly growing market, and a revolutionary technology led by an experienced, disciplined team,” states Brian Melton, managing director, Tenaya Capital.

In April, Valimail launched IDEA (Identity-Driven Email Anti-impersonation), a cloud-based email authentication platform that it says can improve email delivery and protect firms from fraudulent emails.

Valimail states that the Federal Trade Commission and other entities recommend DMARC for all companies. However, the firm studied one million DNS records and found that 80% of DMARC implementations fail to achieve enforcement -- regardless of company size or vertical, it claims.