Phishing and email spam are the biggest opportunities for hackers to enter the network. If a single user clicks on some malicious email attachment, it can compromise an entire enterprise with ransomware, cryptojacking scripts, data leakages, or privilege escalation exploits.
Three of solutions:
-
Sender Policy Framework (SPF), which hardens your DNS servers and restricts who can send emails from your domain.
-
DomainKeys Identified Mail (DKIM), which ensures that the contents of your emails remains trusted and hasn’t been tampered with or compromised.
-
Domain-based Message Authentication, Reporting and Conformance (DMARC), which ties the first two protocols together with a consistent set of policies.
The reason for the three different approaches is partly because each solves a somewhat different piece of the email puzzle to prevent phishing and spam. This is accomplished via a combination of standard authentication and encryption tools, such as public and private key signing, and adding special DNS records to authenticate email coming from your domains.
Use SPF, DKIM and DMARC together
If your email infrastructure implements all three protocols properly, you can ensure that messages can’t be easily forged and that you can block them from ever darkening your users’ inboxes. That’s the idea anyway, and as you’ll see, a big if.