#17 - Global War on Email

If you use email, this episode is for you.  Attackers leverage email for ransomware, Business Email Compromise (BEC), account takeover, and other threats that can be reduced with effective technical controls (as well as user education.)

These three tools all involve placing simple entries in your DNS records.  To work effectively, the recipient also needs to be checking entries.  They are:

• SPF = sender policy framework; designates only mail from designated IP address(es) or mail server(s) are valid.  For example:  v=spf1 include:spf.protection.outlook.com 
• DKIM = domain keys identified mail; advertises a public key that can be used to validate all mail sent was signed with corresponding private key.  For example:  v=DKIM1\; k=rsa\; 0123456789ABCDEF…
• DMARC = domain-based  ...