Protect your Email domain from spoofing

Email address spoofing is when the envelope sender address is forged to make it seem as though the email originated from a legitimate source. This technique is often used for spam and phishing. Reduce the likelihood of your domain name getting fraudulently spoofed and keep your messages from getting flagged as spam before they reach your recipients.

We recommend to first assess your current configurations for DMARC, DKIM, SPF and TLS. Assuming you have no email security measures yet implemented, you should in the first phase protect your email in transit. Once that done implement a DMARC policy of 'none' then create a SPF record and last create your DKIM record. The next couple of months should focus on the monitoring of your DNS record and updating them. The second phase is when you can shift your DMARC policy from 'none' to 'quarantine'. In that phase suspicious emails are directly sent to the spam/junk folder of the recipient. He can still recover them and mark them as legitimate. It is common to stay in phase 2 for 3 months. The third and last phase begins when you are confident in your DKIM and SPF configurations and you can set a DMARC policy of 'reject'. From this phase on you should keep monitoring your configurations using the same assessments tools you used at the beginning. This monitoring should never stop.