How and why use SPF, DMARC and DKIM for your Email security?
Sender Policy Framework (SPF) hardens DNS servers. It restricts who can send emails on behalf of your domain or the IP addresses of the servers from which the emails can originate. SPF can prevent domain spoofing. It enables your mail server to determine when a message came from the domain that it uses.
The DomainKeys Identified Mail (DKIM) ensures that the contents of your emails remain trusted and are not compromised.
The DMARC record Domain-based Message Authentication, Reporting and Conformance ties SPF and DKIM together with a set of policies.
Should we use all these? Yes. But why?
We have heard about a lot of phishing and email scams where people get trapped. Criminal gangs send out tempting emails with malicious attachments, enticing users to click on these links. It will eventually compromise the security of the whole network. It can be a ransomware attack or data leakage.
How to Add an SPF record for a domain?
Let’s take example.com as a sample specimen. We will first check the domain’s nameservers and have the login details to the DNS records panel.
- Log in to the DNS service provided account. It can either be the domain provider’s account or the third-party DNS provider who manages the DNS records.
- ADD the DNS TXT record for the domain
- An example for the SPF record is as below.
v=spf1 a mx ip4:xxx.xxx.xxx.xxx -all
(Replace all xxx by the IP address of the server from which the email originates.)
Once this is added, we will need to wait for the DNS propagation time based on the TTL to resolve the newly added DNS records globally. Once that is confirmed, we can check the SPF record using the link below.