Jump to content

Linux Tips: DNS settings to avoid email spoofing and phishing for unused domain


nixCraft

Recommended Posts

If your domain is not sending email, set these DNS settings to avoid spoofing and phishing
As you may know, email spoofing allows attackers to pose as someone else to gain illegal profit. For example, I only use webmaster@cyberciti.biz for communication, but someone might create a spoofed-up email, say info@opensourceflare.com, to trick someone. This is called email spoofing with fake headers as follow:

Date: Thu, 24 Oct 2021 12:46:10 
From: nixCraft <info@opensourceflare.com>
Reply-To: info@opensourceflare-email.com
To: <my@personal_gmail_com>

Correct headers are often not checked by receiving email servers, and my@personal_gmail_com may think the email is from me. Here is the thing I don't use opensourceflare.com for email communication at all. So how do I prevent illegitimate email traffic on my domain? In this tutorial, I will explain how to configure DNS settings that tell receiving email servers this domain is not configured for emailing purposes and the attacker maliciously sending email on my behalf.

Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit

The post DNS settings to avoid email spoofing and phishing for unused domain appeared first on nixCraft.

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...