Boost your email security with SPF, DKIM, and DMARC

PUBLISHED: 23/8/2023

In the realm of cyber security, ensuring the legitimacy of your organisation's email communications is paramount. This is where the trifecta of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC) comes into play.


SPF: the team uniform of your organisation

Think of SPF as your sports team uniform, defining who belongs to your squad. SPF is a security measure that declares which mail servers are authorised to send email on behalf of your organisation. Just like a team uniform, it helps identify who's genuinely "on your team": a record published in your domain's DNS lists the servers that belong to your organisation, the way a uniform shows which team a player plays for.

DKIM: the official logo that confirms authenticity

Now, consider DKIM as the official team logo that adorns the uniform, providing an extra layer of legitimacy. DKIM is a digital signature added to emails to authenticate the sender's identity, similar to an official logo on a sports jersey that validates its authenticity. Without this signature, emails could be spoofed or faked, much like imposters could falsely claim to belong to a team by wearing its uniform. The authentic uniform with its official logo, however, helps to distinguish real team players from the imposters.

DMARC: the roster matching players with teams

Finally, consider DMARC as the team roster. It establishes the relationship between the SPF entries (the players) and the DKIM signatures (the authenticating logos) that identify them. Published via DNS, the DMARC record is accessible to anyone on the internet, enabling them to verify your "team roster." This record encompasses everyone sending emails on behalf of your domain and aids in identifying phishing or other suspicious activities.
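The "roster" check described above is what DMARC calls identifier alignment: a message only passes DMARC when SPF or DKIM passes and the domain that was authenticated lines up with the domain in the From header the reader sees. The following is an added example, not code from the original article, that evaluates a simplified SPF record and then applies alignment. The DNS_TXT table, the domains example.com, mailer.example and loop.example, and the function names are all constructed for this illustration; a real checker would query DNS (for instance with dnspython) instead of the in-memory table.

```python
"""SPF evaluation and DMARC identifier alignment on constructed records.

Added example; not code from the original article. DNS_TXT is a constructed
in-memory table for the hypothetical domains example.com and mailer.example;
a real checker would query DNS (e.g. with dnspython) instead.
"""
import ipaddress

DNS_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all",
    "mailer.example": "v=spf1 include:_spf.mailer.example -all",
    "_spf.mailer.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all",
    "loop.example": "v=spf1 include:loop.example -all",  # deliberately broken
}

MAX_LOOKUPS = 10  # RFC 7208 caps DNS-querying terms (include, a, mx, ...) at 10
QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(domain, client_ip, lookups=None):
    """Return pass / fail / softfail / neutral / none / permerror for client_ip
    sending with the given MAIL FROM domain. Handles ip4, ip6, include and all;
    a, mx, exists and redirect are left out to keep the example short."""
    lookups = [0] if lookups is None else lookups
    record = DNS_TXT.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIER_RESULT:
            qualifier, term = term[0], term[1:]
        result = QUALIFIER_RESULT[qualifier]
        if term == "all":
            return result
        name, _, arg = term.partition(":")
        if name in ("ip4", "ip6"):
            # ipaddress returns False for a v4 address tested against a v6 net
            if ip in ipaddress.ip_network(arg, strict=False):
                return result
        elif name == "include":
            lookups[0] += 1
            if lookups[0] > MAX_LOOKUPS:
                return "permerror"
            inner = evaluate_spf(arg, client_ip, lookups)
            if inner in ("none", "permerror"):
                return "permerror"  # including a missing or broken record is fatal
            if inner == "pass":
                return result
        else:
            return "permerror"  # unsupported or unknown mechanism
    return "neutral"  # no term matched and no 'all' present


def organizational_domain(domain):
    """Crude reduction to the last two labels (assumption; real code uses the
    Public Suffix List so that e.g. example.co.uk is handled correctly)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain, auth_domain, mode="r"):
    """DMARC identifier alignment: 's' strict = exact match, 'r' relaxed = same
    organisational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return organizational_domain(from_domain) == organizational_domain(auth_domain)


def dmarc_pass(from_domain, spf_domain, spf_result, dkim_domain="",
               dkim_result="none", aspf="r", adkim="r"):
    """DMARC passes when SPF or DKIM passes *and* the domain it authenticated
    aligns with the header From domain the user actually sees."""
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, aspf)
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, adkim)
    return spf_ok or dkim_ok


if __name__ == "__main__":
    # Genuine team member: listed server, MAIL FROM domain matches From.
    print(evaluate_spf("example.com", "192.0.2.7"))            # pass
    print(dmarc_pass("example.com", "example.com", "pass"))   # True
    # A third-party mailer passes SPF for its *own* domain, but that identity
    # does not align with a From header claiming example.com, so DMARC fails.
    print(evaluate_spf("mailer.example", "198.51.100.10"))    # pass
    print(dmarc_pass("example.com", "mailer.example", "pass"))  # False
```

The second case in the usage block is the one the roster analogy is about: SPF alone is satisfied by any domain whose record lists the sending server, so a receiver that stopped there would accept the message. DMARC ties the authenticated domain back to the visible From domain, which is why a legitimate third-party mailer has to either sign with your DKIM key or use a MAIL FROM under your domain.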

The crucial role of SPF, DKIM, and DMARC

But why is this trifecta - SPF, DKIM, and DMARC - so essential for your organisation? According to the Verizon Data Breach Report, a staggering 86% of malware delivered across over 7,000 incidents in 2022 came via email. The risk is high when someone can spoof an email from your organisation, potentially distributing malware or harassing your customers. Thus, implementing SPF, DKIM, and DMARC protocols is vital in preventing such spoofing, akin to ensuring only verified players, wearing authentic uniforms with official logos, can represent your team on the field.

In the evolving landscape of cybersecurity, staying ahead means equipping your team with the right "uniforms" and "logos", and ensuring your "roster" is up to date and verified.

Checklist

Understand the importance of email security

  • Email is one of the most common vectors for cyberattacks, with threats ranging from phishing to malware. Understanding this importance will drive your organisation to take the necessary measures to secure your email systems.

Learn about SPF, DKIM, and DMARC

  • These three protocols are fundamental to secure email practices. SPF (Sender Policy Framework) identifies authorised senders, DKIM (DomainKeys Identified Mail) adds a digital signature to prove sender identity, and DMARC (Domain-based Message Authentication, Reporting & Conformance) builds on SPF and DKIM to further enhance email security.

Ensure SPF is in place for your organisation

  • An SPF record in your DNS settings specifies which servers are allowed to send emails on behalf of your domain. This helps to prevent email spoofing.

Ensure DKIM is set up for your organisation

  • DKIM allows your organisation to take responsibility for sent messages that can be verified by mailbox providers. This helps build trust with these providers, improving your email deliverability.

Set up a DMARC record

  • DMARC unites SPF and DKIM into a common framework and allows your domain to publish policies that specify how your emails should be handled. It’s the most powerful weapon to date in the fight against phishing and spoofing.

Regularly check the settings for your organisation's email security

  • Use tools like MX Toolbox to periodically check your email security settings. This ensures that your security measures are consistently applied and updated.

Configure your DMARC record

  • If your organisation uses Office 365 or Outlook Mail, follow Microsoft's guide to set up DMARC. If you use Google Mail, refer to Google's support documentation. Configuration may vary depending on your email service provider, so it's important to follow the right guide.

Understand your DMARC policy

  • Learn about DMARC tags and how they define the action to be taken upon receiving unauthenticated messages from your domain. Understanding these tags will allow you to set up a DMARC policy that meets your organisation's needs.
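To make the tags concrete, here is an added example (not code from the original article) that parses a DMARC record into its tags with the RFC 7489 defaults filled in and then works out what a receiver would do with a message that failed authentication, taking the p, sp and pct tags into account. The DNS_TXT table, the record for the hypothetical domain example.com and the function names are constructed for this illustration; real code looks up the TXT record at _dmarc.<domain> in DNS.

```python
"""Parse a DMARC TXT record and decide what a receiver does with a message
that FAILED DMARC authentication.

Added example; not code from the original article. DNS_TXT is a constructed
table for the hypothetical domain example.com; real code looks up the
_dmarc.<domain> TXT record in DNS.
"""

VALID_POLICIES = {"none", "quarantine", "reject"}

DNS_TXT = {
    "_dmarc.example.com": (
        "v=DMARC1; p=reject; sp=quarantine; pct=50; adkim=s; "
        "rua=mailto:dmarc@example.com, mailto:aggregate@vendor.example"
    ),
}


def parse_dmarc(record):
    """Return the tags of a DMARC record as a dict with RFC 7489 defaults
    filled in. Raises ValueError for a record a receiver would discard."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        tags[name.strip().lower()] = value.strip()
    if not tags or next(iter(tags)) != "v" or tags["v"] != "DMARC1":
        raise ValueError("record must start with v=DMARC1")
    if tags.get("p") not in VALID_POLICIES:
        raise ValueError("p= is required and must be none, quarantine or reject")
    tags.setdefault("sp", tags["p"])   # subdomain policy defaults to p
    tags.setdefault("adkim", "r")      # relaxed DKIM alignment
    tags.setdefault("aspf", "r")       # relaxed SPF alignment
    tags.setdefault("fo", "0")         # failure-report options
    if tags["sp"] not in VALID_POLICIES:
        raise ValueError("sp= must be none, quarantine or reject")
    for tag in ("adkim", "aspf"):
        if tags[tag] not in ("r", "s"):
            raise ValueError(f"{tag}= must be r or s")
    pct = int(tags.get("pct", "100"))
    if not 0 <= pct <= 100:
        raise ValueError("pct= must be between 0 and 100")
    tags["pct"] = pct
    tags["rua"] = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    return tags


def is_valid_dmarc(record):
    """True if a receiver would honour the record."""
    try:
        parse_dmarc(record)
    except ValueError:
        return False
    return True


def find_policy(from_domain):
    """Policy discovery: exact From domain first, then its organisational
    domain. Returns (policy or None, whether From was a subdomain)."""
    org = ".".join(from_domain.split(".")[-2:])  # crude; real code uses the PSL
    is_subdomain = from_domain != org
    record = DNS_TXT.get(f"_dmarc.{from_domain}")
    if record is not None:
        return parse_dmarc(record), is_subdomain
    record = DNS_TXT.get(f"_dmarc.{org}")
    if record is None:
        return None, is_subdomain
    return parse_dmarc(record), is_subdomain


def disposition(from_domain, sample):
    """Action for a failed message. 'sample' is the number 0..99 the receiver
    draws per message to apply pct=; messages outside the sample get the next
    weaker action (reject -> quarantine, quarantine -> none)."""
    policy, is_subdomain = find_policy(from_domain)
    if policy is None:
        return "none"
    action = policy["sp"] if is_subdomain else policy["p"]
    if action == "none" or sample < policy["pct"]:
        return action
    return "quarantine" if action == "reject" else "none"
```

Two behaviours worth noting from the record above: a missing sp tag means subdomains inherit p, so an organisation that only sets p=none on the apex leaves every subdomain unprotected, and pct=50 applies the stated action to half of failing messages only, with the other half stepped down one level, which is how a domain ramps up from none to reject without losing mail in one go.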

Stay informed about the latest email security practices

  • Follow trusted sources, such as the MX Toolbox Guide, to keep your knowledge up-to-date. Cybersecurity is a rapidly changing field, and staying informed is key to maintaining a strong security posture.

Protect your organisation's communication integrity by understanding and implementing SPF, DKIM, and DMARC effectively.
