Protecting Your Online Presence: An Introduction to SPF, DMARC, and DKIM
Securing your website and email requires taking vital steps to keep your domain safe and your online reputation intact. In this blog post, we will be diving into three essential tools you can use to ensure you stay protected. Whether you're a website owner or just someone who likes to stay informed about online security, we will break it down and explain the importance of each tool.
If you want to learn more about securing your website from the most common vulnerabilities, read about a Website Vulnerability Assessment.
Why are these tools needed?
Email spoofing is a phishing attack and is the leading risk involved when the correct domain protection tools are not set up. This is a typical attack used by threat actors to trick recipients into thinking an email is trustworthy when it is not. In the cyber security breaches survey for 2023, it was revealed that 89% of businesses had identified phishing attempts in the last 12 months. These tools can help ensure that impersonating your domain or organisation is more complex and reduce the risk of falling victim to an attack.
Sender Policy Framework (SPF)
Sender Policy Framework is a crucial tool for protecting your domain. They let you define mail servers authorised to send emails to your domain. This ensures that emails you send don't get marked as spam by the recipient, so they can identify fake messages that appear to have been sent from your organisation, keeping themselves safe.
Domain Keys Identified Mail (DKIM)
Domain Keys Identified Mail allows senders to sign their emails with a unique signature checked by your receiving servers to verify if the message is authentic and has not been altered. DKIM works with SPF and provides another way to let the recipients of your emails know the messages they receive are from you.
Domain-based Message Authentication, Reporting & Conformance (DMARC)
DMARC is a system that identifies if SPF and DKIM protect an email. When an email arrives, it specifies what to do if neither authentication method is present, most commonly putting the emails into a spam or junk folder. This reduces the risk a user will click on a potentially fraudulent email by clearly marking it as spam.
How do you check individual email authentication?
You can view the authentication results of an email you've received to take a closer look. It's different for every email client, but your goal is to show the original full email so you can view the "Authentication-Results" header of the email. For example, in Gmail, you can follow these steps, and after that, you should see something like this:
, all three tests passed; because of this, we can be more confident that the email's sender is who they say they are and more likely not to be a phishing attack.
Each of these three tools works together to ensure your online presence is protected. Implementing these measures is crucial for maintaining the integrity of your emails and ensuring the safety of your online assets and your business.
How to implement SPF, DKIM and DMARC
You can check what protection your email domain has using the National Cyber Security Centre (NCSC) Email Security Check tool.
If you don't have an IT provider to help set up, you can typically set these up through your email provider. To set up SPF, you must create a DNS record for your domain that identifies which IP addresses are authorised to send emails on your behalf. For DKIM, you must generate a public-private key pair and add the public key as a DNS record for your domain.
The private key will be used to sign outgoing email messages. Finally, for DMARC, you must create a DNS record that specifies your desired DMARC policy, which can help prevent fraudulent email messages from being delivered to recipients.
The steps can vary depending on your email provider, but many providers have documentation available to help you get started. For example, if you use Gmail, they provide an excellent resource explaining the setup.
If you have an IT provider, you can work with them to set up SPF, DKIM, and DMARC for your email domain. They can usually handle the technical details and can also monitor and troubleshoot any issues that may arise with email delivery or authentication.
When working with your IT provider, you must communicate your desired email authentication policy and any specific requirements or preferences you may have. You may also want to ask your IT provider to regularly report email authentication results, which can help you identify and address any potential issues with your email domain's authentication status.
The NCSC also offers a detailed guide for IT managers and Systems Administrators.
We can support your business on your cyber journey and help protect your business with affordable cyber security services. Contact the team here to learn more about our Cyber Risk Assessment and Website and Network Vulnerability Assessments.
