Eight years of Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is used to authenticate senders of email. Receiving servers use SPF to verify if the message source IP is authorized to send on behalf of the HELO or MAIL FROM domain.
US Says North Korean Hackers Exploiting Weak DMARC Settings
The North Korea-linked hacking group tracked as Kimsuky has been exploiting weak email Domain-based Message Authentication, Reporting and Conformance (DMARC) settings to conceal spear phishing attacks, the US government warns.
NSA warns of North Korean hackers exploiting weak DMARC email policies
Mitigation measures
In these attacks, they exploit missing DMARC policies or DMARC policies with "p=none" configurations, which tell the receiving email server to take no action on messages that fail DMARC checks.
Should IT people hide their mistakes?
Regrettably, approximately 80% of these entities are susceptible to email spoofing and when I let them know, most of those IT, not all, don't take it seriously.
This vulnerability isn't attributable to a software bugs but rather stems from a lack of expertise and misconfiguration.
Avoid relying only on SPF! DKIM eMail authentication will often "save the day" / A must for DMARC
DKIM:
* is more resilient/robust
* will survive to more weird email scenarios
* confirm the receiving party that eMails received from your domain were really sent from your domain and that those emails were not altered / tempered with along the way.
* DKIM will be SPF Fail Safe to allow DMARC to work properly
What is that eMail compliance SPF/DKIM/DMARC Stuff! For non-technical people
What! My domain can be spoofed even if we configured a Strict -all DNS SPF/TXT entry? / FOR TECHIES ONLY
Mother of All Breaches exposes 26 billion records
eMail flow monitoring for small organizations
Continuous compliance monitoring and proper functioning of email flow for SMEs $35 USD/month (3 months minimum)
Why would I monitor my eMail flow using DMARC reports
"Grrr, we are no longer receiving feedback from clients via eBay/Shopify/XYZ.”
WHAT IS EMAIL BOMBING?
Are you suddenly receiving “tons” of Emails, mostly registration registrations confirmations to hundreds of sites, forums and newsletter ?
“JOE JOB SPAM ATTACK”
You received an Email from someone you know? But discover that person didn’t really sent this message? How is that possible?
Most domains can be spoofed!Only DMARC can help!!
IF you have no DMARC DNS ENTRY or the one you have ends with p=none (monitoring) Your domain can be spoofed
Your digital footprint VS risks to be hacked & receive more SPAMS
The more active on the internet you are, using your work email address everywhere, the more chances to be hacked or receive SPAM you’ll have.
You want to learn more about eMails?.
Sign up for my newsletter and you’ll never miss a post.