Email Security and DNS Security Records

Introduction

• Email protocols lack built-in security checks.
• Spam folders often contain spoofed emails.
• Importance for individuals, corporations, and organizations to verify the origin of emails.

Email Spoofing

• Spoofing: Email appears to be from one source but originates elsewhere.
• Critical for authenticity of emails, e.g., confirming emails from known domains like professormesser.com.

Mail Gateway

• Decides legitimacy of emails; acts as a gatekeeper.
• Can be a single or multiple servers.
• May be on-premises (in a screened subnet) or cloud-based via third-party services.
• Valid emails are delivered; invalid emails are discarded or marked as spam.

Security Measures and DNS

Sender Policy Framework (SPF)

• SPF records determine which servers can send emails on behalf of a domain.
• Added to DNS as a TXT record.
• Allows others to verify if an email came from an authorized server.
• Example: professormesser.com authorizes mail gun.org as a sender.

DomainKeys Identified Mail (DKIM)

• Adds digital signatures to outgoing emails for verification.
• DKIM record specifies a DNS TXT record with a public key.
• Email headers contain DKIM signature, validated via DNS query.
• Ensures authenticity of email origin during transport between servers.

Domain-based Message Authentication, Reporting, and Conformance (DMARC)

• Extends SPF and DKIM functions.
• Specifies actions for emails failing SPF/DKIM checks: accept, spam, or reject.
• DMARC record added as a DNS TXT record.
• Allows specification of compliance report destination.
• Reports on validated and non-validated messages.
• Example: DMARC record with actions like quarantine for non-validated emails.

Monitoring and Reporting

• DMARC reporting provides insights into email validation.
• Centralized reporting engines can track metrics on email validation and spoofing attempts.
• Domain owners can assess the authenticity of emails sent from their domain.

Conclusion

• Implementing SPF, DKIM, and DMARC enhances email security.
• Helps ensure email integrity and reduces spoofing risks.