Highest Voted 'spf' Questions - IT Security Stack Exchange

0

votes

0 answers

Why do I need DMARC on top of SPF and DKIM?

If SPF is verifying against a set of IP records if the incoming email from a domain was sent from an authorized host piggybacking on the DNS and DKIM does touch the signature of the email and calculate another one based on DNS public key record and…

asked Apr 23 '21 at 10:44

Asian Flavor

1

0

votes

1 answer

Whitelisting Email Service for Anti-Spoofing and DMARC

My company uses an Anti-Spoofing Protection based on the SPF Record and has implemented DMARC. Often our users correspond via a "secure" messaging platform like Proofpoint/ZIX/IronPort from their counterparts. However, when our users respond on…

spf dkim dmarc

asked Apr 08 '21 at 14:13

user2942358

5
2

0

votes

0 answers

Spoofed email? "X-Source-Sender" and "Received" headers look dodgy

I got sent an email from someone in response to an over 2 year old exchange, and the contents of it look like spam to me. Checking the headers the following looks normal: Return-Path Received & Received-SPF: Received: from…

email spam email-spoofing spf dkim

asked Mar 09 '21 at 20:44

Brett

279
2
7

0

votes

0 answers

Does SPF protect against spammers who control the initial MTA?

I understand that for most users, the Envelope-from address is the most difficult part of an email to spoof because (I assume) it is checked by the receiving MTA i.e. if you attempt to spoof the "MAIL FROM" address the first MTA in the chain…

email email-spoofing spf

asked Feb 01 '21 at 10:00

David Scholefield

1,824
12
21

0

votes

0 answers

SPF record does not preventing the sender spoofing

I used an SPF record finder online, and the result of this test was they already have an SPF record but I still can send an email as their domain exactly! So, do SPF records prevent email spoofing attacks? If it does, why can I still send an email…

spf

asked Jul 07 '20 at 04:26

iiAnonymous

1

0

votes

1 answer

Risk in adding shared mail server to my SPF like sendinblue/sendgrid for mail reputation?

My enterprise would like to make some mass mailing to their customers, using a third party solution (e.g.: sendinblue, sendgrid, mailchimp...). Is there a real risk that my domain mail address could be considered as spam if the shared IP is badly…

email spam spf

asked Apr 06 '20 at 09:00

user213795

0

votes

1 answer

DMARC & failing SPF

I would like to clarify the following scenario with DMARC, (assuming there is a publish DMARC policy): SPF fails No (aligned or any) DKIM records Should result of DMARC check be none or fail? Technically we cannot align anything with From thus we…

email spf dmarc

asked Feb 11 '20 at 15:59

charlag

103
4

0

votes

0 answers

Do we need SPF when we have DKIM?

I always thought that to authenticate email we needed both SPF and DKIM (and DMARC). But email is confusing and recently I found myself asking why we can't do with just SPF or DKIM. I then discovered that the problem with using just SPF is that…

email email-spoofing spf dkim dmarc

asked Feb 11 '20 at 15:46

SWdV

179
11

0

votes

1 answer

Soft-fail vs Hard-fail SPF + Monitor vs Reject+Strict DMARC, could it be counterproductive?

I have a ProtonMail premium plan with one custom domain and a single email address. My domain DNS is protected with DNSSEC. What caught my eye were two things they recommended in the domain setup: Soft-fail SPF (Sender Policy Framework - wiki)…

email dns spf protonmail dmarc

asked May 09 '19 at 11:15

LinuxSecurityFreak

1,562
2
18
32

0

votes

1 answer

Does it make sense to check SPF Record if a majority of customers don't abide their own Records?

so I've already disabled error checking for SPF Records after my inital question here: Does error checking for SPF Records make sense? Unfortunately I still have about 2-10 Companies daily who can't send us emails because their SPF Record has…

spf

asked Aug 22 '18 at 06:50

architekt

986
1
7
18

0

votes

1 answer

Are emails from the Necurs bot net DKIM and/or SPF signed?

As the questions title already asks: Are emails sent by Necurs DKIM and/or SPF signed? Or are they unsigned and simply spoofed?

spam botnet dkim spf

asked Dec 04 '17 at 15:37

user165355

1

0

votes

1 answer

Why is DKIM configuration testing not working the same for every test site?

basically, I have setup spk, dkim and dmarc for mail authentication. For this, I used this tuto. All worked correctly and I got this result: seems like everything OK. Now to confirm everything is working correctly, I have tried, on and another…

dkim spf dmarc

asked Sep 08 '17 at 12:05

dmx

227
3
8

0

votes

2 answers

Email SPF record integrity

I have been reviewing my company's SPF record with a number of our SAAS providers. One service advised me to use 'include:amazonses.com' in my record to allow emails to be validated. I am rather hesitant in allowing Amazon's service API to be…

email cloud-computing email-spoofing amazon spf

asked Aug 16 '17 at 02:03

wildshane

1

0

votes

4 answers

Suspicious Entry in DMARC Report

I recently contacted a vendor of security-related development libraries to ask for a quote (I won't name them yet). The next day, Postmark sent me my weekly DMARC report - and it contained 2 failed entries originating from this vendor's domain,…

email email-spoofing spf dkim dmarc

asked Feb 27 '17 at 20:08

Owen Orwell

207
1
5

0

votes

2 answers

Why did spoof email receive a "pass"? And why didn't it show up in the aggregate report?

Good Morning All, I've been thrown into the deep end with a request from my director. I know little of DMARC and email spoofing in general, but I'm trying to somehow weed out WHY this spoof email "passed". It's coming from some…

email-spoofing spf dkim dmarc

asked Feb 03 '17 at 16:21

RGuthrie

1
1

Questions tagged [spf]