Is your Business email Spoof-protected?

Email Spoofing complaints are on rise & common methods adopted by scamsters is to send an email to your users from an anonymous proxy using your own domain.

How Email Spoofing is Identified?

Rediff Entperise Mailing make best efforts to track and block such attempts of spoofing through DKIM. All mails sent using Rediff SMTP are signed using DKIM technique If the mail is intended for internal (same domain) users, then DKIM signature can be verified on receipt & delivered in inbox. Mail failing to verify will be considered as SPOOF

DKIM primarily is useful in identifying spoof of same domain mails as it verifies mails sent by Rediff SMTP However there is a possibility some mails are sent using SMTP of other Service provider. For instance, Your domain is used to send some mails using third party system(SMTP) like Payroll, CRM, Email Marketing, etc. Such emails may not be signed using DKIM.

This could create a problem as Legit Mails will be identified as SPOOF, to avoid same SPF record must be added in your DNS wherein if IP address of such systems will be mentioned. We will check the IP from which the mail is sent & once verified we can be sure that the mail is not spoofed.

What is SPF?

SPF (Sender Policy Framework) is a system to help domain owners specify the IP addresses of servers which are authorized to send mail from their domain. The objective is that your recipient’s mail systems can check to make sure that the server sending email from that domain is authorized to do so. This helps in reducing the chances of email spoofing. Mail servers that accept emails do a SPF check by looking up the SPF record of the sender.

How to add SPF record?

SPF record is a Domain Name Service (DNS) TXT record that specifies which mail servers are permitted to send email on behalf of your domain. SPF is added the same way as a regular A, MX, or CNAME record.

If you do not use any third party system to send emails from your domain, then your SPF record should be as follows:

“v=spf1 redirect=_spf.rediffmailpro.com”

If you use any 3rd party system to send emails from your domain, then SPF record should also include the IP or subnet of the machine sending those mails as follows:

“v=spf1 ip4: include:_spf.rediffmailpro.com -all”

The IP or subnet will be shared by your other service provider & same is to be included with our SPF records as explained above. This will help to identify legit mails & not categorize them as SPOOF

DMARC builds on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

We recommend implementing DMARC (Domain-based Message Authentication, Reporting & Conformance) that uses SPF and DKIM to determine the authenticity of an email message.

Your DMARC record is published alongside your DNS records including:

  • SPF
  • DKIM
  • A-record
  • CNAME
Jeevanand

Biographical Info - Share a little biographical information to fill out your profile. This may be shown publicly.

Recent Posts

Debating on Cloud vs On-Premise: Why not choose Hybrid Email Solution?

Hybrid solution combines two models of email delivery on the same domain, offering the best…

5 years ago

Want to stop your customers from getting duped by email spoofing? Implement DMARC now!!

Organizations can stop spoof emails impersonating as them from reaching their customer’s inbox or junk/bulk…

5 years ago

Understanding Email & Collaboration

Teamwork creates human synergy. In today’s age, technology and specifically your Business Email can get…

6 years ago

DataCenter Summit and Awards 2018 – By USB Forums

Venkata Satish Guttula, Director – Security, Rediff.com India Ltd, has won an Award under the…

6 years ago

Demystifying Spear Phishing

Spear phishing is used when a hacker targets specific people using a more personalized approach.…

6 years ago

Protect your domain’s reputation with DMARC

Your brand reputation can be at risk. Cyber criminals can exploit the weaknesses in email…

6 years ago