Contents
- Executive Summary
- The corporate equivalent of identity theft
- A blended approach
- Contents
- Introduction
- Practical Technical Controls
- Sender Policy Framework – SPF [RFC 7208]
- Domain SPF record
- HELO/EHLO name records
- Sender ID Framework – SIDF [RFC 4406 (4405, 4407 & 4408)]
- DomainKeys Identified Mail – DKIM [RFC 6376]
- Author Domain Signing Practices – ADSP [RFC 5617]
- Domain-based Message Authentication, Reporting and Conformance – DMARC
- Domain Registration & Parking
- Sender Policy Framework – SPF [RFC 7208]
- Monitoring
- Customer Feedback
- Tracking Real-World Traffic
- Take-Down Services
- Tracking Malicious Domain Registration
- Organisation & Policy Controls
- Do Not Send HTML Message or Embedded Links
- Control Where Email Quoting Your Domain Name is Sent From
- The Future
- Protecting Against Fraudulent Email From Domains You Do Not Control
- Putting it all Together
- Introduce, Monitor and Adapt
- About the Authors & this White Paper
- Edward Tucker
- Iain Hunneybell
- About the content of this White Paper
Table of Figures
- Figure 1 – Processing of SPF check of received Email
- Figure 2 – The potential impact of SPF on auto-forwarded Email
- Figure 3 – Example HELO name SPF record
- Figure 4 – Domain SPF record layout
- Figure 5 – Example domain SPF record
- Figure 6 – Example HELO/EHLO name SPF record
- Figure 7 – Example empty SIDF PRA policy record
- Figure 8 – Example SIDF PRA policy record
- Figure 9 – Example DKIM records
- Figure 10 – Example DKIM signature included in a signed message header
- Figure 11 – Example ADSP record
- Figure 12 – Example DMARC aggregate report
- Figure 13 – Example DMARC record
- Figure 14 – Example DMARC reporting acceptance record
- Figure 15 – Example ‘parked domain’ DNS records