As you may know, email spoofing allows attackers to pose as someone else to gain illegal profit. For example, I only use [email protected] for communication, but someone might create a spoofed-up email, say [email protected], to trick someone. This is called email spoofing with fake headers as follow:
Correct headers are often not checked by receiving email servers, and my@personal_gmail_com may think the email is from me. Here is the thing I don't use opensourceflare.com for email communication at all. So how do I prevent illegitimate email traffic on my domain? In this tutorial, I will explain how to configure DNS settings that tell receiving email servers this domain is not configured for emailing purposes and the attacker maliciously sending email on my behalf.
This content is available exclusively to members of VIVEK's Patreon at "Patrons Only" or higher tier, or having at least $2 pledged in total. Upgrade below to unlock this content.
Already a qualifying Patreon member? Refresh to access this content.
About the author:
Vivek Gite is Editor-in-Chief and the man behind nixCraft and OpensourceFlare ✨. He creates and maintains content on both sites as accurately as possible. Since 2000 Vivek has written over 7k+ posts that have been read many times. He is a die-hard fan of FLOSS and a full-time Linux desktop user since 1996. OpensourceFlare provides in-depth guides about Linux, BSD, programming, and other IT topics for Patreon subscribers without any ads or tracking. Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or weekly email newsletter.
So this prevention method only works if we are someone who is not using our domain’s email address for sending email?
As clarification of: “In this tutorial, I will explain how to configure DNS settings that tell receiving email servers this domain is not configured for emailing purposes”
Which I’m understanding as, “Hey DNS servers, this domain isn’t meant to send emails so don’t accept any emails that end in this domain” and therefore if I really do have a domain I want to use for sending emails this tutorial won’t apply to me, right?
That is to say, I have a domain I send emails from, this tutorial won’t show me how to secure my domain’s emails from being spoofed? Just want to make sure I don’t buy expecting one thing and getting another.
>Hey DNS servers, this domain isn’t meant to send emails so don’t accept any emails that end in this domain
That is correct. It prevent bad guys using your domain which is not meant for emailing purposes at all. HTH
0.01$ isnt but to put in one’s CC for that is something that keeps me from hooking up with many peers.
Alternatives?
You can subscribe to yearly package too.
Very useful information. I just applied those settings to avoid spam issues.
So this prevention method only works if we are someone who is not using our domain’s email address for sending email?
As clarification of: “In this tutorial, I will explain how to configure DNS settings that tell receiving email servers this domain is not configured for emailing purposes”
Which I’m understanding as, “Hey DNS servers, this domain isn’t meant to send emails so don’t accept any emails that end in this domain” and therefore if I really do have a domain I want to use for sending emails this tutorial won’t apply to me, right?
That is to say, I have a domain I send emails from, this tutorial won’t show me how to secure my domain’s emails from being spoofed? Just want to make sure I don’t buy expecting one thing and getting another.
>Hey DNS servers, this domain isn’t meant to send emails so don’t accept any emails that end in this domain
That is correct. It prevent bad guys using your domain which is not meant for emailing purposes at all. HTH