Email Security

Weaknesses in email security can cause huge issues for organisations.  Many attacks including phishing, spear-phising and social engineering can and do lead to cyber security breaches.  It is essential that email is configured optimally to prevent breaches.  Furthermore poorly configured email servers can also prevent important email being received by your business partners and customers.

 

Our assessments can review your company’s email security and advise on a whole range of email security requirements including:

 

Contact us for a free email security health-check.

 

Sender Policy Framework (SPF)

 

SPF (Sender Policy Framework) is a DNS (Domain Name System) record that identifies which mail servers are permitted to send email on behalf of a domain. SPF records help prevent spammers from sending emails with forged ‘From’ addresses. Recipients can check the SPF record to ascertain whether an email claiming to have been sent from someone at a particular domain was indeed sent from a mail server authorized by that domain.  All companies internet domains should have SPF records, even those that aren’t configured to send mail and SMTP servers. Even if a company does not intend to send mail from a domain, an attacker can still use that domain to spoof email. According to a recent Google study, 91.4% of authenticated, non-spam emails sent to Gmail users come from senders that use SPF, DKIM, or both.

 

DomainKeys Identified Mail (DKIM)

 

DKIM is a protocol designed to prevent unauthorized servers from sending email on behalf of a domain. DKIM allows receiving mail servers to check if the sending domain is authorized by verifying a DKIM key located in the domain’s DNS record against a DKIM signature located in the email.

 

Domain-based Message Authentication, Reporting & Conformance (DMARC)

 

DMARC is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.

 

With the rise of the social internet and the ubiquity of e-commerce, spammers and phishers have a tremendous financial incentive to compromise user accounts, enabling theft of passwords, bank accounts, credit cards, and more. Email is easy to spoof and criminals have found spoofing to be a proven way to exploit user trust of well-known brands. Simply inserting the logo of a well known brand into an email gives it instant legitimacy with many users.

 

Users can’t tell a real message from a fake one, and large mailbox providers have to make very difficult (and frequently incorrect) choices about which messages to deliver and which ones might harm users. Senders remain largely unaware of problems with their authentication practices because there’s no scalable way for them to indicate they want feedback and where it should be sent. Those attempting new SPF and DKIM deployment proceed very slowly and cautiously because the lack of feedback also means they have no good way to monitor progress and debug problems.

 

DMARC addresses these issues, helping email senders and receivers work together to better secure emails, protecting users and brands from painfully costly abuse.