DMARC Protocol Setup Guide


According to statistics, about 100 million phishing emails are delivered every day around the world. Pervasive phishing and fraudulent emails threaten the security of users' information and property. The original SMTP does not require verification of the sender's legitimacy. Attackers take advantage of this flaw to produce large volumes of phishing emails, fraudulent emails, and other security-related spam. The main aim of this type of spam is to lure recipients into handing over valuable information (personal passwords, bank card passwords, credit card information, etc.); a recipient who does not realize that a message is a phishing email is very easily deceived.

On January 30, 2012, 15 industry giants (mainly financial institutions, email service providers, data analysis institutions, etc.), including PayPal, Google, Microsoft, Yahoo, and ReturnPath, jointly announced the establishment of a new Internet alliance dedicated to proposing and promoting a new email security protocol, DMARC. The DMARC protocol is based on the two existing mainstream email security protocols, DKIM and SPF. The mail sender (the Domain Owner) declares in DNS that it adopts this protocol. When a mail receiver (whose MTA needs to support the DMARC protocol) receives mail sent from this domain, it performs DMARC verification. If the verification fails, it needs to send a report to the specified URI.

Detailed explanation of each parameter in the DMARC record

p: Tells the recipient what to do when it detects an email that forges the sender's domain. The processing methods, from least to most severe, are: none, which means no processing; quarantine, which marks the message as spam; and reject, which rejects the message. Initially, it is recommended to set it to none.

sp: The policy for subdomains. It declares the handling method that the recipient must take when a subdomain is forged.

rua: The email address to which the recipient sends a summary report covering a period of time.

ruf: The email address to which the recipient must send a report on the forged message when a forged email is detected.

adkim: Indicates whether the domain owner requires strict or relaxed DKIM authentication mode. Valid values are as follows: r: relaxed mode, s: strict mode

aspf: Indicates whether the domain owner requires strict or relaxed SPF authentication mode. Valid values are as follows: r: relaxed mode, s: strict mode

Set up DMARC records

Log in to the domain management console, find the domain name that needs a DMARC record, and add a TXT record.

Before setting up DMARC records, you need to set up SPF records first.

Record name                                      Record value
(the domain name that needs to be set with SPF)  v=spf1 -all

Once the SPF record is set, add the following DMARC record.

Record name    Record value
_dmarc         v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;

After the setup is complete, attackers are prevented from forging email from your domain to send spam.
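To show how a receiver applies the p, sp, adkim and aspf tags described above, here is an added Python example (not from the original article) that parses the DMARC record above and decides what to do with a message. The function names, the example.com domains and the two-label organizational-domain shortcut are assumptions; real receivers use the Public Suffix List.

```python
def parse_dmarc(txt):
    """Parse a DMARC TXT value into a tag dict, filling in default tag values."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p tag")
    tags.setdefault("sp", tags["p"])  # subdomains inherit p when sp is absent
    tags.setdefault("adkim", "r")     # relaxed is the default alignment mode
    tags.setdefault("aspf", "r")
    return tags

def org_domain(domain):
    # ASSUMPTION: organizational domain = last two labels. Real receivers
    # consult the Public Suffix List (needed for names such as example.co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict (s): exact match. Relaxed (r): same organizational domain."""
    f, a = from_domain.lower(), auth_domain.lower()
    return f == a if mode == "s" else org_domain(f) == org_domain(a)

def disposition(tags, policy_domain, from_domain, spf, dkim):
    """spf / dkim: (passed, authenticated_domain) results of the earlier checks.
    Returns "pass", or the action the policy requests for a failing message."""
    spf_ok = spf[0] and aligned(from_domain, spf[1], tags["aspf"])
    dkim_ok = dkim[0] and aligned(from_domain, dkim[1], tags["adkim"])
    if spf_ok or dkim_ok:
        return "pass"
    is_subdomain = from_domain.lower() != policy_domain.lower()
    return tags["sp"] if is_subdomain else tags["p"]

# The record from this page, and a constructed relaxed variant for comparison.
STRICT = parse_dmarc("v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;")
RELAXED = parse_dmarc("v=DMARC1; p=reject; sp=quarantine; rua=mailto:dmarc@example.com")

if __name__ == "__main__":
    # Constructed message: From example.com, authenticated only via subdomains.
    spf, dkim = (True, "bounce.example.com"), (True, "mail.example.com")
    print(disposition(STRICT, "example.com", "example.com", spf, dkim))
    print(disposition(RELAXED, "example.com", "example.com", spf, dkim))
```

Under the page's strict record, mail authenticated only through subdomains is rejected, while the relaxed variant passes it. Because `v=spf1 -all` authorizes no sending host, SPF cannot pass for that domain, so only an exactly aligned DKIM signature produces a pass.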

This article is reprinted from: https://www.williamlong.info/archives/6775.html
This site is for inclusion only, and the copyright belongs to the original author.
