Best practices for parked domains

A few months ago, I posted about "SPF Lockdown," a simple way to use an SPF (sender policy framework) DNS record to tell the world that a given domain sends no mail.

Email/anti-abuse industry group M3AAWG has some useful guidance that goes even further. Back in December 2015, they published a white paper entitled "Protecting Parked Domains Best Common Practices." It covers what I refer to as SPF lockdown, and it additionally instructs you on how to configure appropriate DKIM and DMARC DNS entries to both ensure that your non-mailing domains are as secure as possible, and enable you to receive reports about bad guys misusing your domain.

You can download the white paper here.
Post a Comment