Protect Domains That Don’t Send Email from Email Spoofing

We recently wrote an article for those who manage their own Internet domain names about using SPF, DKIM, and DMARC to prevent your domains from being used in phishing attacks and enhance the deliverability of legitimate email. But what about other domains you own but don’t use for email? To make phishing attacks more believable, spammers sometimes forge email so it appears to come from parked domains that aren’t protected. You can use SPF, DKIM, and DMARC to ensure that forged email that seems to come from your unused domains isn’t accepted. The details are too specific to go into here, but Cloudflare has an excellent article outlining what you need to do.

(Featured image based on an original by iStock.com/Igor Kutyaev)


Social Media: If you have parked domains that never send email, it’s important to set up SPF, DKIM, and DMARC so scammers can’t forge legitimate-looking email from those domains.

Comments are closed.