How to Prevent Email Spoofing with DKIM, DMARC & SPF

Рет қаралды 25,144

Күн бұрын

Пікірлер: 56

@ProTechShow 4 жыл бұрын

If you found this useful, you may also want to make sure nobody else can ready your emails: kzbin.info/www/bejne/r5e2dKSBZs2AZ5o

@setta.bozatti 4 жыл бұрын

Thanks a lot, I manage domains and email for several organizations and have configured those records before but never truly understood the concepts behind DKIM and DMARC. Thanks for explaining them understandably and thoroughly. I'd love to see a future video on certificates too!

@ProTechShow 4 жыл бұрын

Glad it was helpful. I'm sure I'll get around to a video on certificates at some point!

@AliHassan-mh2gh 4 жыл бұрын

Are you an email marketer or an affiliate marketer

@Funkteon Жыл бұрын

As a cybersecurity solutions sales rep, I can assure you that even if you tell businesses that their DMARC and DNSSEC is fucked, and that they have hundreds of staff emails and usernames all over the dark web, they don't give a fuck... They would rather sit and hope they're not at that business by the time they inevitably get hacked than be the one to put their hands up to suggest the business spend more money on cybersecurity...

@notta3d Жыл бұрын

Absolutely fantastic video. Fantastic! This is needed more than you could now. Thanks for this.

@ProTechShow Жыл бұрын

Glad to hear it helped!

@richmelcher6562 4 жыл бұрын

HELPFUL!!! I'm now able to wrap my (non-IT Pro) head around these concepts/protocols and have some idea about how to work towards SPF, DKIM, & DMARC implementation on my emails & domains. Muchas gracias!

@ProTechShow 4 жыл бұрын

Glad it helped!

@Sean-v9d2n 2 ай бұрын

An explanation I can understand on how it works. Thank you.

@ProTechShow 2 ай бұрын

Glad it was helpful

@MrMarcLaflamme 2 жыл бұрын

After watching a dozen different videos and reading countless articles I THINK this one helped, but I'm still struggling with something that recently happened. We've had SPF setup for a while and it's been working well but lately spoofed emails have been coming through (that appear to be sent by ourselves to ourselves - yet headers indcate it's clearly coming from somewhere else). When checking the headers I saw that SPF eval was PermError and this was due to one of the includes: having an error. What was confusing was that if the mail server couldn't validate SPF, why was the message coming through? I thought it was supposed to fail and be rejected. I've had to temporarily remove the third-party include but I don't know if this will solve the spoofing.

@Funkteon Жыл бұрын

@richardwaldron1684 2 жыл бұрын

Another great video, very detailed and well explained. Thanks for posting.

@ProTechShow 2 жыл бұрын

Thanks!

@ATCrogerwilco Жыл бұрын

One quick comment. SPF and DKIM I believe our prerequisites for DMARC, so you would need to implement both of those beforehand.

@ProTechShow Жыл бұрын

Yes and no. DMARC builds on these, so DMARC by itself is useless and the stronger SPF/DKIM are the stronger DMARC will be; but you don't need them fully implemented first to use DMARC. For example you could partially implement SPF with a soft-fail, then implement DMARC just for the reports, then use the DMARC reports to tighten up your SPF record and move it to a hard-fail, then change DMARC to a reject policy. At this point you may not even have touched DKIM, but DMARC helped with the implementation of SPF.

@billsmi22 2 жыл бұрын

Nicely explained, thanks!👍

@ProTechShow 2 жыл бұрын

Thanks!

@diversecontent788 3 жыл бұрын

Yes my organisation email was spoofed today spammer sent mail to me from my own email 😡 and now I am going to implement spf , thanks man

@ProTechShow 3 жыл бұрын

SPF should help and if they start getting especially sneaky, DMARC will lock things down further. 👍

@poonampatil7800 Жыл бұрын

Thanks, nicely explained...

@ProTechShow Жыл бұрын

Glad it was useful!

@SnehaKotak 2 жыл бұрын

can you help me create emails thats looks historic.... that they are back dated?

@ProTechShow 2 жыл бұрын

That seems... dodgy

@MichaelToub 11 ай бұрын

Great Video !

@ProTechShow 11 ай бұрын

Thanks!

@jozefwoo8079 Жыл бұрын

Does the DMARC guidance override the SPF guidance (hard fail, soft fail,...)?

@ProTechShow Жыл бұрын

They both run in parallel so it's possible to pass SPF and fail DMARC or vice-versa. If one mechanism fails then that mechanism's policy defines what happens. If both failed then both polices would apply and the end result would be whatever the most restrictive one said.

@jozefwoo8079 Жыл бұрын

@@ProTechShow Thank you for taking the time to respond!

@jozefwoo8079 Жыл бұрын

Anyone can send a message using DKIM, provided they have the private key of the sender right?

@ProTechShow Жыл бұрын

Yes. It's typically done by an SMTP service rather than an individual, and each service has its own key. So your antispam service might have a DKIM key to sign outbound mail, and maybe you use MailChimp for marketing and it has it's own key.

@jozefwoo8079 Жыл бұрын

@@ProTechShow Thank you!

@10bish10 4 жыл бұрын

Really great video, super helpful!

@ProTechShow 4 жыл бұрын

Thanks!

@jaydee177 3 жыл бұрын

How do spammers get your mailing lists and then spoof emails back to you using your customer’s email account and an IP close to their real IP?? Is there a way to prevent this?!!!

@ProTechShow 3 жыл бұрын

An antispam service with decent anti-spoofing detection may help, but ultimately you need the supposed sender (in this case your customer) to take action and implement anti-spoofing measures on their side for it to be effective. Depending on your relationship with them you could set up mutual verification between your server and theirs so emails from their domain are always authenticated, but this involves a bit of work for both of you. One of my customers takes the approach of telling every company they work with they expect them to set up SPF/DMARC. They can't enforce it, but there is an element of "help me help you" to it.

@jaydee177 3 жыл бұрын

@@ProTechShow - thanks for the response however I think my customers are completely unaware that their emails have been hijacked.

@jaydee177 3 жыл бұрын

@@ProTechShow - thanks for the reply however I don’t think my clients are even aware that their emails have been hijacked. Is there a way to prevent this??

@ProTechShow 3 жыл бұрын

You can't prevent it on their behalf. If it were me I'd let them know that they are being targeted by scammers. Feel free to link them to this video if it helps.

@AliHassan-mh2gh 4 жыл бұрын

I want to promote affiliate links and for that, I do emails marketing, all the time it goes in the spam folder or even not get sent to the receiver plz help me what should I do you know the DMARC and SPF policy so plz tell me accordingly

@ProTechShow 4 жыл бұрын

To be honest, it sounds like your emails are getting treated as spam because they're spam. It's hard to tell from a KZbin comment of course. If the recipients have agreed to receive your emails and the emails are providing value other than just pushing affiliate links then whichever marketing platform you're using should provide guidance about message reputation and delivery. If you're sending affiliate links to people who weren't expecting them then... well you shouldn't be doing that.

@AliHassan-mh2gh 4 жыл бұрын

@@ProTechShow can you help me more About how can I contact you

@ProTechShow 4 жыл бұрын

I can't provide individual advice. My day job is as an IT consultant. These videos are scoped so they don't create a conflict of interest for me with my employer, but if I were to start taking phone calls and emails from people that would cross a line. If you're using a marketing platform to send the emails then they likely have people who could provide you with more advice.