Friday, January 25, 2019

How to Stop Domain Email Spoofing

How to Stop Domain Email Spoofing

see this link:

Use SPF, DKIM and DEMARK to monitor and stop spoofing

  1. Add SPF records to your DNS for those servers you use for sending email messages. I use Google G Suite for everyday messages, Mailchimp for email marketing and Mailgun for transactional sending. I therefore need to add SPF records for these three services.
  2. Add DKIM records for the services where you added SPF records.
  3. Sign up for, and activate, the free DMARC reports by Postmark. You’ll need to add a TXT record to your domain specifying the DMARC requirements. The TXT record will look something like the below (Postmark will give you the exact syntax to add):
    v=DMARC1; p=none; pct=100;; sp=none; aspf=r;

Stop others sending email messages from your domain

The DMARC record that Postmark provides is very good for identifying which servers send emails purporting to be from your domain. The DMARC record however doesn’t instruct servers receiving messages that fail your SPF and DKIM alignment to do anything with the messages. We can amend the DMARC record to quarantine any messages that fail SPF and DKIM alignment (i.e. send those messages directly to the spam/junk folder of the recipient). To quarantine messages that fail alignment amend the TXT record for DMARC then change the TXT record to be like:
v=DMARC1; p=quarantine; pct=100;; sp=quarantine; aspf=r;
Before you instruct messages that fail SPF or DKIM alignment to be quarantined it is important to ensure that messages being legitimately sent from email sending services you use are aligning both SPF and DKIM.

Many Thanks To

This Tech Tidbit was brought to you by your friends at Eleven Dimensions Computer Technologies.
See our new 11D website at:

Our Partner Websites:

Bare Wire Networks:
CTI Solutions:

Many Thanks to Our Partner companies

No comments:

Post a Comment