Protect your domain from spoofing
Email address spoofing is when the envelope sender address is forged to make it seem as though the email originated from a legitimate source. This technique is often used for spam and phishing. Reduce the likelihood of your domain name getting fraudulently spoofed and keep your messages from getting flagged as spam before they reach your recipients.
In order to secure your e-mail service and make sure that you won't have issues with e-mail spoofing, you need to set SPF, DKIM and DMARC records for your domain.
- Adding an SPF record to your DNS zone file is the best way to stop spammers from spoofing your domain. In addition, an SPF Record will reduce the number of legitimate e-mail messages that are flagged as spam or bounced back by your recipients' mail servers. The SPF record is not 100% effective, unfortunately, because not all mail providers check for it.
- Use DKIM in addition to SPF to help prevent spoofers from sending messages that look like they are coming from your domain. DKIM lets you add a digital signature to email messages in the message header. When you configure DKIM, you authorize your domain to associate, or sign, its name to an email message by using cryptographic authentication. Email systems that receive email from your domain can use this digital signature to help determine if incoming email that they receive is legitimate.
- Consider DMARC: DMARC is built on top of two existing mechanisms, SPF and DKIM. It allows the administrative owner of a domain to publish a policy on which mechanism (DKIM, SPF or both) is employed when sending email from that domain and how the receiver should deal with failures.