Write an SPF record to include all known good mail relays. Are all legitimate mail relays accounted for in your policies? Your Sender Policy Framework (SPF) record should include all hosts authorized to send email with your Domain name.
Add a DKIM record to add proof to your outbound email. Can your message be validated cryptographically? DomainKeys Identified Mail (DKIM) permits your email recipients to authenticate your email truly comes from your mail server.
Publish a DMARC record to control the email traffic that can pass. Is your Domain configured to handle unauthenticated email? Implementing Domain-based Message Authentication, Reporting and Conformance (DMARC) lets you act before email arrives.
Tune in any media, and you will learn the dangers of trusting online communications. While every breach is different, the most common targeted breach occurs through email. It is the pathway of least resistance for Ransomware and other Socially-Engineered Attacks. Learn your weaknesses before your adversary does with our Mirror Tool.
It is true when you properly send email in alignment with the latest specifications, more of your email gets delivered. You can also block and quarantine messages from Senders who do not have basic security measures in place. Checking your settings with every new service integration is best practice.
Got questions? We have answers.
The answer is to stay vigilant, but you can't watch everything! You have to find the needle in the haystack, and applying filtering of unauthenticated email is a great start!
DMARC is a critical layer in a defense in depth strategy that can remove the vast majority of spoof attempts with a strict policy to reject unauthenticated email.
There is a good chance you will disrupt email if you implement DMARC without the proper expertise. Changes are made in the DNS Zone File and can take 48 hours to reverse if there is an error.
No. Email authentication involves implementing a key on your Domain server and aligning that key with all mail relays. It requires configuration changes outside of the email system.