Email Spoofing complaints are on rise & common methods adopted by scamsters is to send an email to your users from an anonymous proxy using your own domain.
How Email Spoofing is Identified?
Rediff Entperise Mailing make best efforts to track and block such attempts of spoofing through DKIM. All mails sent using Rediff SMTP are signed using DKIM technique If the mail is intended for internal (same domain) users, then DKIM signature can be verified on receipt & delivered in inbox. Mail failing to verify will be considered as SPOOF
DKIM primarily is useful in identifying spoof of same domain mails as it verifies mails sent by Rediff SMTP However there is a possibility some mails are sent using SMTP of other Service provider. For instance, Your domain is used to send some mails using third party system(SMTP) like Payroll, CRM, Email Marketing, etc. Such emails may not be signed using DKIM.
This could create a problem as Legit Mails will be identified as SPOOF, to avoid same SPF record must be added in your DNS wherein if IP address of such systems will be mentioned. We will check the IP from which the mail is sent & once verified we can be sure that the mail is not spoofed.
What is SPF?
SPF (Sender Policy Framework) is a system to help domain owners specify the IP addresses of servers which are authorized to send mail from their domain. The objective is that your recipient’s mail systems can check to make sure that the server sending email from that domain is authorized to do so. This helps in reducing the chances of email spoofing. Mail servers that accept emails do a SPF check by looking up the SPF record of the sender.
How to add SPF record?
SPF record is a Domain Name Service (DNS) TXT record that specifies which mail servers are permitted to send email on behalf of your domain. SPF is added the same way as a regular A, MX, or CNAME record.
If you do not use any third party system to send emails from your domain, then your SPF record should be as follows:
If you use any 3rd party system to send emails from your domain, then SPF record should also include the IP or subnet of the machine sending those mails as follows:
“v=spf1 ip4: include:_spf.rediffmailpro.com -all”
The IP or subnet will be shared by your other service provider & same is to be included with our SPF records as explained above. This will help to identify legit mails & not categorize them as SPOOF
DMARC builds on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).
We recommend implementing DMARC (Domain-based Message Authentication, Reporting & Conformance) that uses SPF and DKIM to determine the authenticity of an email message.
Your DMARC record is published alongside your DNS records including: