Enhancing Your Email Security

How we can help

Enhancing your email security against Sender Fraud using SPF, DKIM and DMARC

Email spoofing has become commonplace. Attackers create fake emails and messages that target the unsuspecting public, your customers, or even your own users, for financial and other malicious gain.

This is possible because email, by itself, cannot verify the authenticity of a received message. Fraudsters have taken full advantage of this fundamental flaw.

Three email security standards exist today (alongside other initiatives) that help reduce sender fraud: SPF, DKIM, and DMARC. Yet a quick look at the top 30 companies in Malaysia, as of the writing of this piece, shows that none of them have implemented these standards in a robust manner.


Implementing these three standards will help in the following ways:

  • Prevent enterprise spear phishing and other attack variants such as CEO email fraud
  • Detect misconfigurations of the underlying SPF and DKIM settings
  • Inventory all email senders using the valid email domain

Here’s a quick introduction to these standards:

Sender Policy Framework SPF (RFC 4408)

SPF is a TXT record published in your DNS that lists the mail servers (IP addresses or hostnames) authorised to send email for your domain. A receiving mail server checks the IP address of the connecting sender against this list to decide whether the message came from an authorised source.

Domain Keys Identified Mail DKIM (RFC 6376)

DKIM is a TXT record entered into your DNS that contains a public key. The public key allows the receiving party to determine whether a received email really came from an authorised sender and whether its contents have been modified in transit (e.g. changing the bank account details in an invoice).

Domain-based Message Authentication, Reporting and Conformance DMARC (RFC 7489)

DMARC was created by a group of leading organisations, including Hotmail, Gmail, Yahoo! Mail, Facebook, LinkedIn and PayPal, to combat fraudulent email on the internet. Its primary function is to let email senders publish a policy (pass, quarantine or reject) for a receiver to apply when it processes a suspicious email. It also tells receivers where to send email processing reports back to the sender, so the sender can monitor whether its domain names are being used for fraudulent activity and improve its configuration.

Best practices for Implementing SPF, DKIM and DMARC

When used together, and used correctly, SPF, DKIM and DMARC help an organisation combat email fraud more effectively, whether it is targeted at the organisation's own users, its customers or the public at large.

The following are our high-level recommendations:

  1. Use a current-generation email system that supports SPF, DKIM and DMARC.
  2. Implement SPF, DKIM and DMARC with a knowledgeable vendor.
  3. Use a reporting tool to receive DMARC reports so you can monitor your domains.
  4. Do regular reviews (e.g. monthly, quarterly) of your DMARC reports.
  5. Deploy appropriate countermeasures when necessary, based on the reports.
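As an added example (not part of the original page or of any product it describes), the following Python script reads a DMARC aggregate report in the XML format defined by RFC 7489 and lists the sending hosts whose mail fails both aligned checks, which is the kind of review steps 3 and 4 call for. The report text and IP addresses are constructed sample data.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a DMARC aggregate (RUA) report in the RFC 7489 XML layout.
# Two sources: the organisation's own mail server (SPF and DKIM pass) and an unknown
# host whose mail fails both checks. Addresses are from documentation ranges, not real hosts.
SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
  <report_metadata><org_name>receiver.example</org_name></report_metadata>
  <policy_published><domain>example.com</domain><p>quarantine</p></policy_published>
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>120</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated>
    </row>
    <identifiers><header_from>example.com</header_from></identifiers>
  </record>
  <record>
    <row><source_ip>198.51.100.7</source_ip><count>35</count>
      <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated>
    </row>
    <identifiers><header_from>example.com</header_from></identifiers>
  </record>
</feedback>"""


def summarize_dmarc_report(xml_text):
    """Return (published_policy, rows): rows maps each source IP to its message count,
    the aligned DKIM/SPF verdicts, and the disposition(s) the receiver applied."""
    root = ET.fromstring(xml_text)
    policy = root.findtext("policy_published/p", default="none")
    rows = {}
    for rec in root.findall("record"):
        ip = rec.findtext("row/source_ip")
        evaluated = rec.find("row/policy_evaluated")
        entry = rows.setdefault(ip, {"count": 0, "dkim": "fail", "spf": "fail", "disposition": set()})
        entry["count"] += int(rec.findtext("row/count", default="0"))
        # DMARC passes if either aligned check passes, so record a pass from any record.
        for check in ("dkim", "spf"):
            if evaluated.findtext(check) == "pass":
                entry[check] = "pass"
        entry["disposition"].add(evaluated.findtext("disposition", default="none"))
    return policy, rows


def unauthenticated_sources(rows):
    """Sources failing both aligned checks, largest volume first: either legitimate
    senders missing from your SPF/DKIM setup (a misconfiguration) or spoofers."""
    failing = [(ip, r["count"]) for ip, r in rows.items()
               if r["dkim"] != "pass" and r["spf"] != "pass"]
    return sorted(failing, key=lambda item: item[1], reverse=True)
```

High-volume entries in the unauthenticated list that belong to your own vendors point to a missing SPF include or DKIM signing setup; unfamiliar hosts are the spoofing traffic the published policy is there to quarantine or reject.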
