As you may know, email spoofing allows attackers to pose as someone else to gain illegal profit. For example, I only use webmaster@cyberciti.biz for communication, but someone might create a spoofed-up email, say info@opensourceflare.com, to trick someone. This is called email spoofing with fake headers as follow:
Date: Thu, 24 Oct 2021 12:46:10 From: nixCraft <info@opensourceflare.com> Reply-To: info@opensourceflare-email.com To: <my@personal_gmail_com>
Correct headers are often not checked by receiving email servers, and my@personal_gmail_com may think the email is from me. Here is the thing I don't use opensourceflare.com for email communication at all. So how do I prevent illegitimate email traffic on my domain? In this tutorial, I will explain how to configure DNS settings that tell receiving email servers this domain is not configured for emailing purposes and the attacker maliciously sending email on my behalf.
Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit
The post DNS settings to avoid email spoofing and phishing for unused domain appeared first on nixCraft.