• Attack Surface Monitoring
  • Nov 2, 2021
  • By QOMPLX

Attack surface risk signals: DMARC and SPF records

Attack surface risk signals: DMARC and SPF records

In this installment of our attack surface risk signals series, we cover the importance of SPF and DMARC records

For organizations online, valid DMARC and SPF records are a key to protecting the integrity of your domains and preventing damaging phishing attacks and spam campaigns from leveraging your good name.

Both DMARC (Domain-based Message Authentication, Reporting, and Conformance) and SPF (Sender Policy Framework) are IETF standards that enable a domain owner to publish email authentication and policy information in the DNS. They represent significant improvements over SMTP, but if they are not properly configured, these improvements are of no effect.

Q:SCAN checks SPF and DMARC records

Sender Policy Framework (SPF) records help to protect your domain from being spoofed and to prevent outgoing emails from being flagged as spam by designating specific email servers as the only authorized hosts allowed to send emails on behalf of an organization. An SPF record is published in public DNS records as a TXT record. SPF won’t solve all your problems, but it’s an important step to take in improving the security of your communications.

A DMARC policy allows a sender's domain to indicate that their emails are protected by SPF and/or DKIM and tells the receiver what to do if neither of those authentication methods passes–such as to reject the message or quarantine it. The policy can also specify how an email receiver can report back to the sender's domain about messages that pass and/or fail. These policies are published in the public Domain Name System (DNS) as text (TXT) records.

You might also be interested in

MDR-Why does my organization need it?

MDR-Why does my organization need it?

Steve Nestler, Sales Engineer, discusses what MDR is as a technology and what the value proposition is for Small and Medium sized businesses (SMBs), and how it can help these organizations strengthen their current infrastructure against attack vectors and Bad Actors.

Read more
Lessons from the Medibank breach

Lessons from the Medibank breach

Ming Fu, a member of the Americas Pre-Sales Engineering Team at QOMPLX, looks at the much publicized Medibank breach in Australia last year, and draws a few much needed lessons based on the published findings of this breach.

Read more
Attack surface risk signals: IP reputation

Attack surface risk signals: IP reputation

IP reputation should be tracked consistently. Connections to known malicious infrastructure on the Internet is a clear indicator of risk.

Read more
Request a Demo

Interested in learning more?

Subscribe today to stay informed and get regular updates from QOMPLX.