Securing email of your domain against spam and phishing
09 Sep 2016
Securing email of your domain against spam and phishing has two aspects:
- You need an authentication key to sign all outgoing emails
- You need to publish, via DNS records, the public key of the authentication key, along with policies about who can send for your domain and what others should do if they receive unauthenticated emails from your domain.
Hosting your domain’s email on Google Apps makes it pretty easy to authenticate your emails and to prevent spam and phishing. But you’ll also need a good DNS provider that supports provisioning a number of DNS records.
Below are three articles from Google Apps that cover what you need to do. They are not limited to emails hosted on Google Apps and can be very informative in general:
- Authenticate email with DKIM. This tells you how to enable Google Apps email authentication and publish the public key in a DNS TXT record for DKIM.
- Identify spam messages with SPF records. This is about how to create a DNS TXT record for the SPF policy, which helps receivers tell spammers apart from your authorized senders or email gateways.
- Prevent outgoing spam with DMARC. This describes the DNS TXT record for DMARC, which publishes your desired policy for how receivers should deal with unauthenticated emails from your domain when an email does not pass the SPF and DKIM checks.
Finally, once you’ve finished all your settings, use Google Apps Toolbox - Check MX to validate your domain’s MX records.
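To make the three TXT records concrete, here is a small offline lint for them, added as an example and not taken from the Google Apps articles. The domain `example.com`, the DKIM selector `google`, the report address and the dummy key value are assumptions chosen for illustration, and SPF records that rely on `redirect=` are not handled.

```python
# Constructed sample TXT records for the placeholder domain example.com.
# The DKIM p= value is a dummy string, not a real public key.
SAMPLE_TXT = {
    "example.com": "v=spf1 include:_spf.google.com ~all",
    "google._domainkey.example.com": "v=DKIM1; k=rsa; p=DUMMYBASE64PUBLICKEY",
    "_dmarc.example.com": "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com",
}

def parse_tags(record):
    """Split a DKIM/DMARC 'tag=value; tag=value' record into a dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {name.strip().lower(): value.strip() for name, value in pairs}

def check_spf(record):
    terms = record.lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["SPF: record must start with v=spf1"]
    if terms[-1] in ("all", "+all"):  # a bare "all" defaults to "+all"
        return ["SPF: +all authorizes every sender on the internet"]
    if terms[-1] not in ("-all", "~all", "?all"):
        return ["SPF: no closing 'all' mechanism to cover unlisted senders"]
    return []

def check_dkim(record):
    tags = parse_tags(record)
    if tags.get("v", "DKIM1") != "DKIM1":
        return ["DKIM: v= must be DKIM1"]
    if not tags.get("p"):  # missing record, or empty p= (revoked key)
        return ["DKIM: no public key published in p="]
    return []

def check_dmarc(record):
    if not record.startswith("v=DMARC1"):
        return ["DMARC: record must start with v=DMARC1"]
    policy = parse_tags(record).get("p")
    if policy not in ("none", "quarantine", "reject"):
        return ["DMARC: p= must be none, quarantine or reject"]
    if policy == "none":
        return ["DMARC: p=none only reports; receivers take no action"]
    return []

def audit(domain, txt, selector="google"):
    """Lint the SPF, DKIM and DMARC TXT records of one domain."""
    return (check_spf(txt.get(domain, ""))
            + check_dkim(txt.get(f"{selector}._domainkey.{domain}", ""))
            + check_dmarc(txt.get(f"_dmarc.{domain}", "")))

if __name__ == "__main__":
    print(audit("example.com", SAMPLE_TXT) or "no findings")
```

To check a live domain, fill the dictionary from your DNS provider's zone export or a TXT lookup instead of the constructed sample.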