For my latest Valimail video, I tackle something I don't think gets enough attention: how to secure your parked (non-mail-enabled) domains from spoofing and phishing.
A Reddit post got me thinking: someone asked if the right move is to set DMARC to reject and publish blank SPF and DKIM records for domains that send no mail. Good question. The short answer? You're on the right track, but, like with everything in the world, the devil is in the details.
In the video, I explain exactly what we mean by parked domains, and share what I think you should put into DNS for SPF, DKIM and DMARC, to help keep those parked domains from being useful in phishing, spoofing, and spam attacks.
Industry group M3AAWG even has a document on the topic, too. Here's a link, if you want to skip the video and dive straight into the doc.
Find the video above or over here on YouTube. And please let me know if you find this interesting!
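As an added example (not from the post, the video, or the M3AAWG document), here is one way to audit a parked domain for the posture the Reddit question describes: DMARC at reject, with SPF and DKIM records that authorize nothing. The exact record forms it expects (`v=spf1 -all`, a wildcard `*._domainkey` record with an empty `p=`) are assumed conventions, and the domain name and sample records are constructed.

```python
# Added example: audit the DNS TXT records of a parked (no-mail) domain.
# All record values below are constructed samples for illustration.

def parse_tags(txt):
    """Split a 'k=v; k=v' record (DMARC/DKIM style) into a dict."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_parked(domain, txt):
    """txt maps DNS owner name -> list of TXT strings.
    Returns a list of findings; an empty list means locked down."""
    findings = []

    # SPF: exactly one record, authorizing no sender at all.
    spf = [r for r in txt.get(domain, []) if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        findings.append(f"expected exactly one SPF record, found {len(spf)}")
    elif spf[0].lower().split() != ["v=spf1", "-all"]:
        findings.append(f"SPF is not a bare hard fail: {spf[0]!r}")

    # DMARC: reject for the domain and (explicitly or by inheritance) subdomains.
    dmarc = [r for r in txt.get("_dmarc." + domain, []) if r.startswith("v=DMARC1")]
    if len(dmarc) != 1:
        findings.append(f"expected exactly one DMARC record, found {len(dmarc)}")
    else:
        tags = parse_tags(dmarc[0])
        if tags.get("p", "").lower() != "reject":
            findings.append(f"DMARC policy is not reject: p={tags.get('p')}")
        if tags.get("sp", "reject").lower() != "reject":
            findings.append(f"subdomain policy is weaker: sp={tags['sp']}")

    # DKIM: wildcard selector publishing an empty (revoked) public key.
    dkim = [parse_tags(r) for r in txt.get("*._domainkey." + domain, [])]
    if not any(t.get("v") == "DKIM1" and t.get("p") == "" for t in dkim):
        findings.append("no wildcard DKIM record with an empty p= tag")
    return findings

# Constructed sample zones keyed by owner name.
GOOD = {"parked.example": ["v=spf1 -all"],
        "_dmarc.parked.example": ["v=DMARC1; p=reject; sp=reject"],
        "*._domainkey.parked.example": ["v=DKIM1; p="]}
WEAK = {"parked.example": ["v=spf1 include:_spf.example.net ~all"],
        "_dmarc.parked.example": ["v=DMARC1; p=none"]}
```

Feed it the TXT answers from whatever resolver or zone export you already use; `audit_parked("parked.example", WEAK)` returns three findings, one per mechanism.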