How to stop hackers from sending emails as you or your domain
-
Upload
wewatchyourwebsite -
Category
Internet
-
view
170 -
download
3
Transcript of How to stop hackers from sending emails as you or your domain
Email spoofing
SPAM and phishing emails frequently use “spoofed” email to spread viruses and steal personal information.
Is your email is being spoofed?
You’ll see many returned emails (bounced) in your inbox (or SPAM/Junk folder) that you never sent
So what?
Every time an email is sent with your domain being spoofed – it’s another win for the hackers!
What steps can you take to do your part?
• Education is vital. Share this education with others: friends, family, co-workers, business associates, Facebook, LinkedIn, etc.
What steps can you take to do your part?
Beyond education, set-up as many automated functions as possible to pre-filter emails before you see them.
What steps can you take to do your part?
Sender Policy Framework (SPF) should be carefully configured for all your email domains. It doesn’t require an advanced college degree – but it helps to know the little “tricks of the trade”.
Prevention
Reportedly, about 60% of email domains already have SPF setup. However, our research shows only about half of them are configured properly.
Configuring SPF
SPF allows you to specify which hosts are allowed, or pre-approved to send email on behalf of one of your domains
Improperly configured
It probably has a setting like:
v=spf1 +a +mx +ip4:(your IP address) ?all
v=spf1: Identifies this as an SPF record SPF version 1
a Authorizes the host(s) listed in the domain’s A record to send email
mx The MX records are tested in order of MX priority
ip4: The IP address of your mail server. Additional ones are spaced
?all The SPF record specifies explicitly that nothing can be said about validity
What it should be
v=spf1 +a +mx +ip4:(IP address of email server) ~all
Changing the ?all to ~all is the one little change that makes a huge difference.
The difference between the ~ and ? is that the ~ denotes that the list is all inclusive and no other servers are authorized to send email
For email servers that check SPF records this will dramatically reduce the amount of bounce-backs, spoofing and forged emails sent using your domain
1. You need to take every step possible to prevent SPAM2. Take some simple steps and realize how much better email is3. Share this with friends – the more people who participate the more
effective this becomes