M3AAWG issues email authentication advice for security pros | SC Media

June 11, 2020
  • Publish Sender Policy Framework (SPF) records with at least ~all, or -all if the domain does not send email.
  • Sign all mail with aligned DomainKeys Identified Mail (DKIM) signatures. DKIM is an email authentication method designed to detect forged sender addresses in emails (email spoofing), a technique often used in phishing and email spam.
  • Publish Domain-based Message Authentication, Reporting and Conformance (DMARC) policies for organizational domains — even non-sending ones — at enforcement: using at least p=quarantine, although p=reject is preferable, across the entire domain and all subdomains without exception.