SlideShare a Scribd company logo

What is SPF record good for? | Part 7#17

•
•
Eyal Doron
Eyal Doron

What is SPF record good for? | Part 7#17 http://o365info.com/what-is-spf-record-good-for-part-7-17 The purpose of the SPF record and the relation to for our mail infrastructure. How does the SPF record enable us to prevent a scenario in which hostile elements could send E-mail on our behalf. Eyal Doron | o365info.com

Technology
1 of 20
Download to read offline
Page 1 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com WHAT IS SPF RECORD GOOD FOR? | PART 7#17 The current article is focused on explaining the purpose of the SPF record and, how does the SPF record enable us to prevent a scenario in which hostile elements, could send E-mail in our behalf. The next article – Implementing SPF record | Part 8#17 , focus on the “technical side” of the SPF record such as: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in Office 365 environment + Mix mail environment, how to verify the existence of SPF record and so on.
Page 2 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com The purpose of the SPF record There are two main objectives for using SPF record: 1. Try to prevent a scenario, in which spammer will send E-mails using our domain name (a specific organization E-mail address) by using his mail server. In other words: a scenario in which the spammer’s mail server is introduce himself as “our legitimate mail server”. 2. Preventing a scenario, in which a destination mail server will block E-mail that sent from our organization or “stamp” our organization mail with a high spam score level because a spammer is “distributing E-mail” using our organization user’s identity (using an E-mail address of our recipient organization). Issues that relate to SPF record. We can classify that scenario of “problems that relate to SPF record” into two main areas:
Page 3 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com 1. Lack of SPF record – a common scenario, in which the organization don’t use and SPF record. The main reason is – lack of awareness to the big impertinence of using SPF records. 2. Miss configured SPF record – an existing SPF record that was configured with incorrect syntax or doesn’t include the “full information” about all the mail server that represents the specific organization. Why do I need to use SPF record? Ensure our E-mail message reliability The use of SPF record is very important in a modern mail environment because, SPF record enables us to set the level of “reliability” of an E-mail message that sent “from our organization” meaning: E-mail message was sent from our legitimate mail server. The purpose of the SPF record is to enable organizations to publicly “declare” who are the mail servers, which are authorized to send mail on behalf of the organization (for a specific domain name).
Page 4 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com The destination mail server, which accepts E-mail message that includes our domain name (E-mail address with our domain name), can verify if the mail server that “deliver” the E-mail message is entitled or, authorized to represent the specific domain name. The destination mail server verifies this information by looking for at the organization SPF record, which should include a list of all of the authorized mail servers that represent the specific domain name. In case that the “source mail server” doesn’t appear as listed in the SPF record, the “destination mail server” (the mail server that spouses accept the E-mail message and forward the E-mail message to the destination recipient) can decide if he agree to accept the E-mail or “block” the sending mail server. A scenario in which we don’t use SPF record or, a scenario in which we sent mail by using a mail server that doesn’t appear on the SPF
Page 5 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com record that represents our domain name, could lead to a significant reduction in the “reliability grade” of E-mail that is sent by our organization users. In other words: an outcome in which our organization mail will be identified as spamJunk mail. Prevent spoofing scenario In a modern mail environment the scenario of: “spoofing” is very common and very popular. The reason for this “popularity” of the spam phenomenon is because that the SMTP mail protocol was created, based on the assumption that the parties that want to communicate using E-mail message are, “legitimate players”. The reality is a little different and many times, hostile elements such as spammers, use the basic SMTP option for “presenting themselves” as some else (impersonation).
Page 6 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com For example: in a standard SMTP session between two mail servers (the source and the destination mail server), when server A connects server B and ask him to forward An E-mail message to a recipient who is hosted on mail server B, mail server A, present himself as the representative of the source recipient. By default, server B (the destination server) is supposed to believe to server A (believe that he is the true representative of the source recipient). The SPF record, was created for preventing a scenario in which spammer, fake his identity and, pretend to be the “legitimate mail server” of a specific organization. In our example, the spammer’s mail server, present himself as the legitimate mail server that sends E-mail “on behalf” the domain: o365info.com In the following diagram, we can see such a scenario, in which hostile elements try to send E-mail message to the destination recipient and the mail server of the hostile elements “declare” that the message was sent by a recipient’s name: Alice@o365info.com
Page 7 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Q1: What is SPF stand for? A1: SPF stands for Sender Policy Framework Q2: How does the SPF record is implemented? A2: By publishing a TXT record in our public DNS that includes pre- defined structure + information about the mail server that are authorized and “approved” to send E-mail on behalf of our organization. Q3: What is the information that is included in the SPF record? A3: The SPF record includes information about the mail server names or IP address that represents a specific organization (domain name) and can send an E-mail on behalf of the organization. Note – the SPF record syntax includes additional options for “pointing out” the legitimate mail server, such as using the MX or the A record option.
Page 8 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com For example, when using the MX option in the SPF record, the meaning is that all the mail servers who appear “under” the MX record of a specific domain name, considers as “authorized” mail server that can send E-mail on behalf of the specific domain. How does the SPF record prevent a spoofing scenario? To be able to demonstrate the way in which the use of the SPF record prevents a spoofing, let’s use the following scenario: A hostile element (spammer) wants to distribute spam mail, hide his identity and impersonate his identity by using the identity of a legitimate organization that uses the public domain name: o365info.com The spammer, is going to “present himself” using the recipient name (E-mail address): Alice@o365info.com
Page 9 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Step 1: sending E-mail message on behalf of the legitimate recipient In the following diagram, we can see that the spammer’s mail server connects the destination mail server, and asks him to forward email messages to the destination recipient. The destination mail server “see” that the IP address that is used by the “source mail server” (the spammer’s mail server) is: 100.100.100.100 Pay attention that the “real mail server” that represent the organization: o365info.com, use different IP address: 212.25.80.239
Page 10 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Step 2: Destination mail server, check SPF record. In our scenario, we assume that the E-mail policy that is used by the “destination mail server” is configured to check the SPF record of the “source mail server”. The “destination mail server” query DNS server and ask for the SPF record of the domain: o365info.com In our scenario, the SPF record “say” that the “formal mail server” that represents the domain: o365infpo.com is: 212.25.80.239 Step 3: Destination mail rejects the E-mail message. The spammer’s mail server is the IP address: 100.100.100.100 Because the SPF record for the domain: o365info.com doesn’t include this IP address; the mail server will reject the E-mail message from the spammer’s mail server.
Page 11 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Important note – the “real world” is a little more complex. In reality, there could be many other scenarios. For example: in case that the “destination mail server” is not configured to check the existence of SPF record, he will accept the E- mail message that was sent by the spammer. Another possible scenario could be that the “destination mail server” will agree to accept the E-mail message, although the IP address of the “source mail server” (the spammer’s mail server) doesn’t appear in the SPF record but, will “stamp” the E-mail message as a “problematic” or dangerous E-mail message. “Problems” that relates to SPF record Q: What are a possible scenario of “problems” that relates to SPF record? A: An example for a “problems” that relates to SPF record could be:
Page 12 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com 1. Lack of SPF record – A scenario in which the organization doesn’t use SPF record. 2. More than one SPF records – a common mistake, in which the DNS includes two or more SPF records. The outcome is: “unknown results”. Some of the mail server will relate only to one SPF record and some mail server, will refuse to accept mail because the SPF record is not configured correctly. 3. SPF record that is configured improperly SPF record is based on very strict “syntax rules” that dictate how to “construct” the SPF record. In some cases, the SPF record includes a syntax error. In this case, we are dealing again with the realm of: “unknown results”. 4. SPF record that doesn’t include information about all the organization’s mail servers. Any of this “issues”, could lead to a scenario in which external mail server will block mail that is sent by a user’s from our organization (users whom their E-mail address includes our public domain name). Mixed mail environment example An example of a scenario: “SPF record that doesn’t include information about all the organization’s mail servers” could be: Hybrid environment, that is based on two separated mail infrastructures: the Office 365 mail infrastructure (Exchange Online) and the Exchange on-Premises mail infrastructure.
Page 13 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com In this scenario, an E-mail message could be sent from the booth of this mail infrastructures (depend on the physical location of the user mailbox). In a scenario of: “two separate mail infrastructures”, the SPF should contain “pointers” to the separated mail infrastructure. In simple words: the SPF record should “declare” that mail that is sent by the Exchange Online mail servers + mail that sent from the Exchange on-Premises mail servers consider as a legitimate mail. In case that the SPF record value that we have configured doesn’t include information about the Exchange on-Premises server. Each E- mail that will be sent by the Exchange on-Premises server have the Potential to be identified as spamjunk mail. Note – you can read more detailed information on the SPF record syntax in the article – Implementing SPF record | Part 8#17
Page 14 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Q: in a scenario of a problem in SPF record, what are the possible “responses” of the target mail server? A: It’s important to emphasize that in a scenario of: “problems that relate to SPF record”, the “response” from the destination mail server, cannot be predictable. The reason is that each mail server, use or implement a different mail security policy. Some of the mail servers are more “forgiving” to a scenario of luck or a problem with the SPF record and, some of the mail servers are stricter.
Page 15 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Internal outbound spam in Office 365 environment | Article series index A quick reference for the article series My E-mail appears as a spam | Article series index | Part 0#17 The article index of the complete article series Introduction to the concept of internal outbound spam in general and in Office 365 and Exchange Online environment My E-mail appears as a spam – Introduction | Office 365 | Part 1#17 The psychological profile of the phenomenon: “My E-mail appears as a spam!”, possible factors for causing our E-mail to appear a “spam mail”, the definition of internal outbound spam. Internal spam in Office 365 – Introduction | Part 2#17 Review in general the term: “internal outbound spam”, miss conceptions that relate to this term, the risks that are involved in this scenario,
Page 16 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com outbound spam E-mail policy and more. Internal spam in Office 365 – Introduction | Part 3#17 What are the possible reasons that could cause to our mail to appear as spamjunk mail, who or what are this “elements”, that can decide that our mail is a spam mail?, what are the possible “reactions” of the destination mail infrastructure that identify our E- mail as spamjunk mail?. Commercial E-mail – Using the right tools | Office 365 | Part 4#17 What is commercial E-mail? Commercial E-mail as part of the business process. Why do I think that Office 365 Exchange Online is unsuitable for the purpose of commercial E-mail? Introduction if the major causes for a scenario in which your organization E-mail appears as spam My E-mail appears as spam | The 7 major reasons | Part 5#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail:
Page 17 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com 1. E-mail content, 2. Violation of the SMTP standards, 3. BulkMass mail My E-mail appears as spam | The 7 major reasons | Part 6#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail: 4. False positive, 5. User Desktop malware, 6. “Problematic” Website Introduction if the subject of SPF record in general and in Office 365 environment What is SPF record good for? | Part 7#17 The purpose of the SPF record and the relation to for our mail infrastructure. How does the SPF record enable us to prevent a scenario in which hostile elements could send E-mail on our behalf. Implementing SPF record | Part 8#17 The “technical side” of the SPF record: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in an Office 365 environment + mix mail environment, how to verify the existence of SPF record and so on.
Page 18 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Introduction if the subject of Exchange Online - High Risk Delivery Pool High Risk Delivery Pool and Exchange Online | Part 9#17 How Office 365 (Exchange Online) is handling a scenario of internal outbound spam by using the help of the Exchange Online- High Risk Delivery Pool. High Risk Delivery Pool and Exchange Online | Part 10#17 The second article about the subject of Exchange Online- High Risk Delivery Pool. The troubleshooting path of internal outbound spam scenario My E-mail appears as spam – Troubleshooting path | Part 11#17 Troubleshooting scenario of internal outbound spam in Office 365 and Exchange Online environment. Verifying if our domain name is blacklisted, verifying if the problem is related to E-mail content, verifying if the problem is related to specific organization user E-mail address, moving the troubleshooting process to the “other side.
Page 19 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Domain name and E-mail content | Part 12#17 Verify if our domain name appears as blacklisted, verify if the problem relates to a specific E-mail message content, registering blacklist monitoring services, activating the option of Exchange Online outbound spam. My E-mail appears as spam | Troubleshooting – Mail server | Part 13#17 What is the meaning of: “our mail server”?, Mail server IP, host name and Exchange Online. One of our users got an NDR which informs him, that his mail server is blacklisted!, How do we know that my mail server is blacklisted? My E-mail appears as spam | Troubleshooting – Mail server | Part 14#17 The troubleshooting path logic. Get the information from the E-mail message that was identified as spamNDR. Forwarding a copy of the NDR message or the message that saved to the junk mail
Page 20 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Mail server | Part 15#17 Step B – Get information about your Exchange Online infrastructure, Step C – fetch the information about the Exchange Online IP address, Step D – verify if the “formal “Exchange Online IP address a De-list your organization from a blacklist | My E-mail appears as spam | Part 16#17 Review the charters of a scenario in which your organization appears as blacklisted. The steps and the operations that need to be implemented for de-list your organization from a blacklist. Summery and recap of the troubleshooting and best practices in a scenario of internal outbound spam Dealing and avoiding internal spam | Best practices | Part 17#17 Provide a short checklist for all the steps and the operation that relates to a scenario of – internal outbound spam.

Recommended

How does sender verification work how we identify spoof mail) spf, dkim dmar...
How does sender verification work how we identify spoof mail) spf, dkim dmar...How does sender verification work how we identify spoof mail) spf, dkim dmar...
How does sender verification work how we identify spoof mail) spf, dkim dmar...Eyal Doron
 
Malware from the Consumer Jungle
Malware from the Consumer JungleMalware from the Consumer Jungle
Malware from the Consumer JungleJason S
 
Lesson learned from linked in
Lesson learned from linked inLesson learned from linked in
Lesson learned from linked inPayza
 
Locking down word press
Locking down word pressLocking down word press
Locking down word pressZachary Russell
 
Costruzione fattiva
Costruzione fattivaCostruzione fattiva
Costruzione fattivaDanilo Buccarello
 
E2 d3 detailed description
E2 d3 detailed descriptionE2 d3 detailed description
E2 d3 detailed descriptionhipsrinoky
 
Android Training in Bangalore
Android Training in BangaloreAndroid Training in Bangalore
Android Training in BangaloreCMS Computer
 
о компании смт финиш
о компании смт финишо компании смт финиш
о компании смт финишandrman
 

Recommended

How does sender verification work how we identify spoof mail) spf, dkim dmar...
How does sender verification work how we identify spoof mail) spf, dkim dmar...How does sender verification work how we identify spoof mail) spf, dkim dmar...
How does sender verification work how we identify spoof mail) spf, dkim dmar...Eyal Doron
 
Malware from the Consumer Jungle
Malware from the Consumer JungleMalware from the Consumer Jungle
Malware from the Consumer JungleJason S
 
Lesson learned from linked in
Lesson learned from linked inLesson learned from linked in
Lesson learned from linked inPayza
 
Locking down word press
Locking down word pressLocking down word press
Locking down word pressZachary Russell
 
Costruzione fattiva
Costruzione fattivaCostruzione fattiva
Costruzione fattivaDanilo Buccarello
 
E2 d3 detailed description
E2 d3 detailed descriptionE2 d3 detailed description
E2 d3 detailed descriptionhipsrinoky
 
Android Training in Bangalore
Android Training in BangaloreAndroid Training in Bangalore
Android Training in BangaloreCMS Computer
 
о компании смт финиш
о компании смт финишо компании смт финиш
о компании смт финишandrman
 
Market Analysis
Market AnalysisMarket Analysis
Market Analysissmdoyle
 
Intellectual disabiltiy
Intellectual disabiltiyIntellectual disabiltiy
Intellectual disabiltiycaitjoh
 
Assignment 1
Assignment 1Assignment 1
Assignment 1Socorro Esquivel JuĂĄrez
 
Attracting more women_into_set_-_ukrc_presentation_10.6.09
Attracting more women_into_set_-_ukrc_presentation_10.6.09Attracting more women_into_set_-_ukrc_presentation_10.6.09
Attracting more women_into_set_-_ukrc_presentation_10.6.09roshanmcse
 
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đíchFile bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đíchĐào tạo Seo
 
My family
My familyMy family
My familyMauricio MartĂ­nez
 
研究途中経過のスライド
研究途中経過のスライド研究途中経過のスライド
研究途中経過のスライドYuko Kudo
 
Right View Of Resurrection
Right View Of ResurrectionRight View Of Resurrection
Right View Of ResurrectionVictorias Church
 
LEVICK Weekly - Dec 14 2012
LEVICK Weekly - Dec 14 2012LEVICK Weekly - Dec 14 2012
LEVICK Weekly - Dec 14 2012LEVICK
 
TUBULAR EXCHANGER
TUBULAR EXCHANGERTUBULAR EXCHANGER
TUBULAR EXCHANGERعاطف المسلم
 
Cсправочник по продукции LR
Cсправочник по продукции LRCсправочник по продукции LR
Cсправочник по продукции LRt575ae
 
Bp monline boostsalesperfomance
Bp monline boostsalesperfomanceBp monline boostsalesperfomance
Bp monline boostsalesperfomanceAndrey Dovgan
 
Espa fresh
Espa freshEspa fresh
Espa freshMauricio MartĂ­nez
 
Acoustic Correction of High School gym in Florence
Acoustic Correction of High School gym in FlorenceAcoustic Correction of High School gym in Florence
Acoustic Correction of High School gym in Florencearchisonus
 
京田辺市関西観光拠点化計画
京田辺市関西観光拠点化計画京田辺市関西観光拠点化計画
京田辺市関西観光拠点化計画Fumihiro Koide
 
Webinar 2013 10-23-premessa
Webinar 2013 10-23-premessaWebinar 2013 10-23-premessa
Webinar 2013 10-23-premessasmespire
 
Stampa unione
Stampa unione Stampa unione
Stampa unione christian98
 
Matriz de datos
Matriz de datosMatriz de datos
Matriz de datosJuLiian AguirRe
 
Manual
ManualManual
ManualSocorro Esquivel JuĂĄrez
 
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.comWhat is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.comEyal Doron
 
A guide to email spoofing
A guide to email spoofingA guide to email spoofing
A guide to email spoofingMattChapman50
 
De-list your organization from a blacklist | My E-mail appears as spam | Part...
De-list your organization from a blacklist | My E-mail appears as spam | Part...De-list your organization from a blacklist | My E-mail appears as spam | Part...
De-list your organization from a blacklist | My E-mail appears as spam | Part...Eyal Doron
 

More Related Content

Viewers also liked

Market Analysis
Market AnalysisMarket Analysis
Market Analysissmdoyle
 
Intellectual disabiltiy
Intellectual disabiltiyIntellectual disabiltiy
Intellectual disabiltiycaitjoh
 
Attracting more women_into_set_-_ukrc_presentation_10.6.09
Attracting more women_into_set_-_ukrc_presentation_10.6.09Attracting more women_into_set_-_ukrc_presentation_10.6.09
Attracting more women_into_set_-_ukrc_presentation_10.6.09roshanmcse
 
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đíchFile bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đíchĐào tạo Seo
 
研究途中経過のスライド
研究途中経過のスライド研究途中経過のスライド
研究途中経過のスライドYuko Kudo
 
Right View Of Resurrection
Right View Of ResurrectionRight View Of Resurrection
Right View Of ResurrectionVictorias Church
 
LEVICK Weekly - Dec 14 2012
LEVICK Weekly - Dec 14 2012LEVICK Weekly - Dec 14 2012
LEVICK Weekly - Dec 14 2012LEVICK
 
Cсправочник по продукции LR
Cсправочник по продукции LRCсправочник по продукции LR
Cсправочник по продукции LRt575ae
 
Bp monline boostsalesperfomance
Bp monline boostsalesperfomanceBp monline boostsalesperfomance
Bp monline boostsalesperfomanceAndrey Dovgan
 
Acoustic Correction of High School gym in Florence
Acoustic Correction of High School gym in FlorenceAcoustic Correction of High School gym in Florence
Acoustic Correction of High School gym in Florencearchisonus
 
京田辺市関西観光拠点化計画
京田辺市関西観光拠点化計画京田辺市関西観光拠点化計画
京田辺市関西観光拠点化計画Fumihiro Koide
 
Webinar 2013 10-23-premessa
Webinar 2013 10-23-premessaWebinar 2013 10-23-premessa
Webinar 2013 10-23-premessasmespire
 
Stampa unione
Stampa unione Stampa unione
Stampa unione christian98
 

Viewers also liked (19)

Market Analysis
Market AnalysisMarket Analysis
Market Analysis
 
Intellectual disabiltiy
Intellectual disabiltiyIntellectual disabiltiy
Intellectual disabiltiy
 
Assignment 1
Assignment 1Assignment 1
Assignment 1
 
Attracting more women_into_set_-_ukrc_presentation_10.6.09
Attracting more women_into_set_-_ukrc_presentation_10.6.09Attracting more women_into_set_-_ukrc_presentation_10.6.09
Attracting more women_into_set_-_ukrc_presentation_10.6.09
 
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đíchFile bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
File bài giảng ADWORDS Cách thực hành tốt nhất cho thiết kế trang đích
 
My family
My familyMy family
My family
 
研究途中経過のスライド
研究途中経過のスライド研究途中経過のスライド
研究途中経過のスライド
 
Right View Of Resurrection
Right View Of ResurrectionRight View Of Resurrection
Right View Of Resurrection
 
LEVICK Weekly - Dec 14 2012
LEVICK Weekly - Dec 14 2012LEVICK Weekly - Dec 14 2012
LEVICK Weekly - Dec 14 2012
 
TUBULAR EXCHANGER
TUBULAR EXCHANGERTUBULAR EXCHANGER
TUBULAR EXCHANGER
 
Cсправочник по продукции LR
Cсправочник по продукции LRCсправочник по продукции LR
Cсправочник по продукции LR
 
Bp monline boostsalesperfomance
Bp monline boostsalesperfomanceBp monline boostsalesperfomance
Bp monline boostsalesperfomance
 
Espa fresh
Espa freshEspa fresh
Espa fresh
 
Acoustic Correction of High School gym in Florence
Acoustic Correction of High School gym in FlorenceAcoustic Correction of High School gym in Florence
Acoustic Correction of High School gym in Florence
 
京田辺市関西観光拠点化計画
京田辺市関西観光拠点化計画京田辺市関西観光拠点化計画
京田辺市関西観光拠点化計画
 
Webinar 2013 10-23-premessa
Webinar 2013 10-23-premessaWebinar 2013 10-23-premessa
Webinar 2013 10-23-premessa
 
Stampa unione
Stampa unione Stampa unione
Stampa unione
 
Matriz de datos
Matriz de datosMatriz de datos
Matriz de datos
 
Manual
ManualManual
Manual
 

Similar to What is SPF record good for? | Part 7#17

What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.comWhat is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.comEyal Doron
 
A guide to email spoofing
A guide to email spoofingA guide to email spoofing
A guide to email spoofingMattChapman50
 
De-list your organization from a blacklist | My E-mail appears as spam | Part...
De-list your organization from a blacklist | My E-mail appears as spam | Part...De-list your organization from a blacklist | My E-mail appears as spam | Part...
De-list your organization from a blacklist | My E-mail appears as spam | Part...Eyal Doron
 
Implementing SPF record | Part 8#17
Implementing SPF record | Part 8#17Implementing SPF record | Part 8#17
Implementing SPF record | Part 8#17Eyal Doron
 
My E-mail appears as spam | The 7 major reasons | Part 5#17
My E-mail appears as spam | The 7 major reasons | Part 5#17My E-mail appears as spam | The 7 major reasons | Part 5#17
My E-mail appears as spam | The 7 major reasons | Part 5#17Eyal Doron
 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Eyal Doron
 
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4Eyal Doron
 
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...Eyal Doron
 
How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...
How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...
How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...Gangcai Lin
 
Safe Email Practices
Safe Email PracticesSafe Email Practices
Safe Email PracticesJonathan Slavin
 
Sender Policy Framework (SPF): An Email Authentication Technique
Sender Policy Framework (SPF): An Email Authentication TechniqueSender Policy Framework (SPF): An Email Authentication Technique
Sender Policy Framework (SPF): An Email Authentication TechniqueHTS Hosting
 
How to Trace an E-mail Part 1
How to Trace an E-mail Part 1How to Trace an E-mail Part 1
How to Trace an E-mail Part 1Lebowitzcomics
 
What are the possible damages of phishing and spoofing mail attacks part 2#...
What are the possible damages of phishing and spoofing mail attacks part 2#...What are the possible damages of phishing and spoofing mail attacks part 2#...
What are the possible damages of phishing and spoofing mail attacks part 2#...Eyal Doron
 
[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf
[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf
[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdfAkandeDavis1
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresIRJET Journal
 
2010 Spam Filtered World Fv
2010 Spam Filtered World Fv2010 Spam Filtered World Fv
2010 Spam Filtered World Fvcactussky
 
End the Nightmares! 10 Email Deliverability Myths Debunked
End the Nightmares! 10 Email Deliverability Myths DebunkedEnd the Nightmares! 10 Email Deliverability Myths Debunked
End the Nightmares! 10 Email Deliverability Myths DebunkedYes Lifecycle Marketing
 
Spoofing
SpoofingSpoofing
SpoofingSanjeev
 
Maximise Email Deliverability
Maximise Email DeliverabilityMaximise Email Deliverability
Maximise Email DeliverabilityGetResponse
 

Similar to What is SPF record good for? | Part 7#17 (20)

What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.comWhat is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
 
A guide to email spoofing
A guide to email spoofingA guide to email spoofing
A guide to email spoofing
 
De-list your organization from a blacklist | My E-mail appears as spam | Part...
De-list your organization from a blacklist | My E-mail appears as spam | Part...De-list your organization from a blacklist | My E-mail appears as spam | Part...
De-list your organization from a blacklist | My E-mail appears as spam | Part...
 
Implementing SPF record | Part 8#17
Implementing SPF record | Part 8#17Implementing SPF record | Part 8#17
Implementing SPF record | Part 8#17
 
My E-mail appears as spam | The 7 major reasons | Part 5#17
My E-mail appears as spam | The 7 major reasons | Part 5#17My E-mail appears as spam | The 7 major reasons | Part 5#17
My E-mail appears as spam | The 7 major reasons | Part 5#17
 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
 
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
 
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
 
How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...
How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...
How to Implement DMARC/DKIM/SPF to Stop Email Spoofing/Phishing: The Definiti...
 
Safe Email Practices
Safe Email PracticesSafe Email Practices
Safe Email Practices
 
Sender Policy Framework (SPF): An Email Authentication Technique
Sender Policy Framework (SPF): An Email Authentication TechniqueSender Policy Framework (SPF): An Email Authentication Technique
Sender Policy Framework (SPF): An Email Authentication Technique
 
How to Trace an E-mail Part 1
How to Trace an E-mail Part 1How to Trace an E-mail Part 1
How to Trace an E-mail Part 1
 
What are the possible damages of phishing and spoofing mail attacks part 2#...
What are the possible damages of phishing and spoofing mail attacks part 2#...What are the possible damages of phishing and spoofing mail attacks part 2#...
What are the possible damages of phishing and spoofing mail attacks part 2#...
 
internet security
internet securityinternet security
internet security
 
[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf
[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf
[Tips/Tricks] Unlocking Deliverability With Marketo Engage.pdf
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
 
2010 Spam Filtered World Fv
2010 Spam Filtered World Fv2010 Spam Filtered World Fv
2010 Spam Filtered World Fv
 
End the Nightmares! 10 Email Deliverability Myths Debunked
End the Nightmares! 10 Email Deliverability Myths DebunkedEnd the Nightmares! 10 Email Deliverability Myths Debunked
End the Nightmares! 10 Email Deliverability Myths Debunked
 
Spoofing
SpoofingSpoofing
Spoofing
 
Maximise Email Deliverability
Maximise Email DeliverabilityMaximise Email Deliverability
Maximise Email Deliverability
 

More from Eyal Doron

How to simulate spoof e mail attack and bypass spf sender verification - 2#2
How to simulate spoof e mail attack and bypass spf sender verification - 2#2How to simulate spoof e mail attack and bypass spf sender verification - 2#2
How to simulate spoof e mail attack and bypass spf sender verification - 2#2Eyal Doron
 
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...Eyal Doron
 
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Dealing with a spoof mail attacks and phishing mail attacks a little story ...Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Dealing with a spoof mail attacks and phishing mail attacks a little story ...Eyal Doron
 
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7Eyal Doron
 
Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...Eyal Doron
 
Mail migration to office 365 factors that impact mail migration performance...
Mail migration to office 365 factors that impact mail migration performance...Mail migration to office 365 factors that impact mail migration performance...
Mail migration to office 365 factors that impact mail migration performance...Eyal Doron
 
Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...Eyal Doron
 
Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4Eyal Doron
 
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36Eyal Doron
 
Autodiscover flow in an office 365 environment part 3#3 part 31#36
Autodiscover flow in an office 365 environment part 3#3 part 31#36Autodiscover flow in an office 365 environment part 3#3 part 31#36
Autodiscover flow in an office 365 environment part 3#3 part 31#36Eyal Doron
 
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36Eyal Doron
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Eyal Doron
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Eyal Doron
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Eyal Doron
 
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...Eyal Doron
 
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...Eyal Doron
 
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...Eyal Doron
 
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...Eyal Doron
 
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...Eyal Doron
 
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...Eyal Doron
 

More from Eyal Doron (20)

How to simulate spoof e mail attack and bypass spf sender verification - 2#2
How to simulate spoof e mail attack and bypass spf sender verification - 2#2How to simulate spoof e mail attack and bypass spf sender verification - 2#2
How to simulate spoof e mail attack and bypass spf sender verification - 2#2
 
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
 
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Dealing with a spoof mail attacks and phishing mail attacks a little story ...Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
 
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
 
Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...Mail migration to office 365 measure and estimate mail migration throughput...
Mail migration to office 365 measure and estimate mail migration throughput...
 
Mail migration to office 365 factors that impact mail migration performance...
Mail migration to office 365 factors that impact mail migration performance...Mail migration to office 365 factors that impact mail migration performance...
Mail migration to office 365 factors that impact mail migration performance...
 
Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...Mail migration to office 365 optimizing the mail migration throughput - par...
Mail migration to office 365 optimizing the mail migration throughput - par...
 
Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4Mail migration to office 365 mail migration methods - part 1#4
Mail migration to office 365 mail migration methods - part 1#4
 
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
 
Autodiscover flow in an office 365 environment part 3#3 part 31#36
Autodiscover flow in an office 365 environment part 3#3 part 31#36Autodiscover flow in an office 365 environment part 3#3 part 31#36
Autodiscover flow in an office 365 environment part 3#3 part 31#36
 
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
 
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
 
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
 
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
 
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
 
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
 

Recently uploaded

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

What is SPF record good for? | Part 7#17

  • 1. Page 1 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com WHAT IS SPF RECORD GOOD FOR? | PART 7#17 The current article is focused on explaining the purpose of the SPF record and, how does the SPF record enable us to prevent a scenario in which hostile elements, could send E-mail in our behalf. The next article – Implementing SPF record | Part 8#17 , focus on the “technical side” of the SPF record such as: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in Office 365 environment + Mix mail environment, how to verify the existence of SPF record and so on.
  • 2. Page 2 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com The purpose of the SPF record There are two main objectives for using SPF record: 1. Try to prevent a scenario, in which spammer will send E-mails using our domain name (a specific organization E-mail address) by using his mail server. In other words: a scenario in which the spammer’s mail server is introduce himself as “our legitimate mail server”. 2. Preventing a scenario, in which a destination mail server will block E-mail that sent from our organization or “stamp” our organization mail with a high spam score level because a spammer is “distributing E-mail” using our organization user’s identity (using an E-mail address of our recipient organization). Issues that relate to SPF record. We can classify that scenario of “problems that relate to SPF record” into two main areas:
  • 3. Page 3 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com 1. Lack of SPF record – a common scenario, in which the organization don’t use and SPF record. The main reason is – lack of awareness to the big impertinence of using SPF records. 2. Miss configured SPF record – an existing SPF record that was configured with incorrect syntax or doesn’t include the “full information” about all the mail server that represents the specific organization. Why do I need to use SPF record? Ensure our E-mail message reliability The use of SPF record is very important in a modern mail environment because, SPF record enables us to set the level of “reliability” of an E-mail message that sent “from our organization” meaning: E-mail message was sent from our legitimate mail server. The purpose of the SPF record is to enable organizations to publicly “declare” who are the mail servers, which are authorized to send mail on behalf of the organization (for a specific domain name).
  • 4. Page 4 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com The destination mail server, which accepts E-mail message that includes our domain name (E-mail address with our domain name), can verify if the mail server that “deliver” the E-mail message is entitled or, authorized to represent the specific domain name. The destination mail server verifies this information by looking for at the organization SPF record, which should include a list of all of the authorized mail servers that represent the specific domain name. In case that the “source mail server” doesn’t appear as listed in the SPF record, the “destination mail server” (the mail server that spouses accept the E-mail message and forward the E-mail message to the destination recipient) can decide if he agree to accept the E-mail or “block” the sending mail server. A scenario in which we don’t use SPF record or, a scenario in which we sent mail by using a mail server that doesn’t appear on the SPF
  • 5. Page 5 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com record that represents our domain name, could lead to a significant reduction in the “reliability grade” of E-mail that is sent by our organization users. In other words: an outcome in which our organization mail will be identified as spamJunk mail. Prevent spoofing scenario In a modern mail environment the scenario of: “spoofing” is very common and very popular. The reason for this “popularity” of the spam phenomenon is because that the SMTP mail protocol was created, based on the assumption that the parties that want to communicate using E-mail message are, “legitimate players”. The reality is a little different and many times, hostile elements such as spammers, use the basic SMTP option for “presenting themselves” as some else (impersonation).
  • 6. Page 6 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com For example: in a standard SMTP session between two mail servers (the source and the destination mail server), when server A connects server B and ask him to forward An E-mail message to a recipient who is hosted on mail server B, mail server A, present himself as the representative of the source recipient. By default, server B (the destination server) is supposed to believe to server A (believe that he is the true representative of the source recipient). The SPF record, was created for preventing a scenario in which spammer, fake his identity and, pretend to be the “legitimate mail server” of a specific organization. In our example, the spammer’s mail server, present himself as the legitimate mail server that sends E-mail “on behalf” the domain: o365info.com In the following diagram, we can see such a scenario, in which hostile elements try to send E-mail message to the destination recipient and the mail server of the hostile elements “declare” that the message was sent by a recipient’s name: Alice@o365info.com
  • 7. Page 7 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Q1: What is SPF stand for? A1: SPF stands for Sender Policy Framework Q2: How does the SPF record is implemented? A2: By publishing a TXT record in our public DNS that includes pre- defined structure + information about the mail server that are authorized and “approved” to send E-mail on behalf of our organization. Q3: What is the information that is included in the SPF record? A3: The SPF record includes information about the mail server names or IP address that represents a specific organization (domain name) and can send an E-mail on behalf of the organization. Note – the SPF record syntax includes additional options for “pointing out” the legitimate mail server, such as using the MX or the A record option.
  • 8. Page 8 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com For example, when using the MX option in the SPF record, the meaning is that all the mail servers who appear “under” the MX record of a specific domain name, considers as “authorized” mail server that can send E-mail on behalf of the specific domain. How does the SPF record prevent a spoofing scenario? To be able to demonstrate the way in which the use of the SPF record prevents a spoofing, let’s use the following scenario: A hostile element (spammer) wants to distribute spam mail, hide his identity and impersonate his identity by using the identity of a legitimate organization that uses the public domain name: o365info.com The spammer, is going to “present himself” using the recipient name (E-mail address): Alice@o365info.com
  • 9. Page 9 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Step 1: sending E-mail message on behalf of the legitimate recipient In the following diagram, we can see that the spammer’s mail server connects the destination mail server, and asks him to forward email messages to the destination recipient. The destination mail server “see” that the IP address that is used by the “source mail server” (the spammer’s mail server) is: 100.100.100.100 Pay attention that the “real mail server” that represent the organization: o365info.com, use different IP address: 212.25.80.239
  • 10. Page 10 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Step 2: Destination mail server, check SPF record. In our scenario, we assume that the E-mail policy that is used by the “destination mail server” is configured to check the SPF record of the “source mail server”. The “destination mail server” query DNS server and ask for the SPF record of the domain: o365info.com In our scenario, the SPF record “say” that the “formal mail server” that represents the domain: o365infpo.com is: 212.25.80.239 Step 3: Destination mail rejects the E-mail message. The spammer’s mail server is the IP address: 100.100.100.100 Because the SPF record for the domain: o365info.com doesn’t include this IP address; the mail server will reject the E-mail message from the spammer’s mail server.
  • 11. Page 11 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Important note – the “real world” is a little more complex. In reality, there could be many other scenarios. For example: in case that the “destination mail server” is not configured to check the existence of SPF record, he will accept the E- mail message that was sent by the spammer. Another possible scenario could be that the “destination mail server” will agree to accept the E-mail message, although the IP address of the “source mail server” (the spammer’s mail server) doesn’t appear in the SPF record but, will “stamp” the E-mail message as a “problematic” or dangerous E-mail message. “Problems” that relates to SPF record Q: What are a possible scenario of “problems” that relates to SPF record? A: An example for a “problems” that relates to SPF record could be:
  • 12. Page 12 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com 1. Lack of SPF record – A scenario in which the organization doesn’t use SPF record. 2. More than one SPF records – a common mistake, in which the DNS includes two or more SPF records. The outcome is: “unknown results”. Some of the mail server will relate only to one SPF record and some mail server, will refuse to accept mail because the SPF record is not configured correctly. 3. SPF record that is configured improperly SPF record is based on very strict “syntax rules” that dictate how to “construct” the SPF record. In some cases, the SPF record includes a syntax error. In this case, we are dealing again with the realm of: “unknown results”. 4. SPF record that doesn’t include information about all the organization’s mail servers. Any of this “issues”, could lead to a scenario in which external mail server will block mail that is sent by a user’s from our organization (users whom their E-mail address includes our public domain name). Mixed mail environment example An example of a scenario: “SPF record that doesn’t include information about all the organization’s mail servers” could be: Hybrid environment, that is based on two separated mail infrastructures: the Office 365 mail infrastructure (Exchange Online) and the Exchange on-Premises mail infrastructure.
  • 13. Page 13 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com In this scenario, an E-mail message could be sent from the booth of this mail infrastructures (depend on the physical location of the user mailbox). In a scenario of: “two separate mail infrastructures”, the SPF should contain “pointers” to the separated mail infrastructure. In simple words: the SPF record should “declare” that mail that is sent by the Exchange Online mail servers + mail that sent from the Exchange on-Premises mail servers consider as a legitimate mail. In case that the SPF record value that we have configured doesn’t include information about the Exchange on-Premises server. Each E- mail that will be sent by the Exchange on-Premises server have the Potential to be identified as spamjunk mail. Note – you can read more detailed information on the SPF record syntax in the article – Implementing SPF record | Part 8#17
  • 14. Page 14 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Q: in a scenario of a problem in SPF record, what are the possible “responses” of the target mail server? A: It’s important to emphasize that in a scenario of: “problems that relate to SPF record”, the “response” from the destination mail server, cannot be predictable. The reason is that each mail server, use or implement a different mail security policy. Some of the mail servers are more “forgiving” to a scenario of luck or a problem with the SPF record and, some of the mail servers are stricter.
  • 15. Page 15 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Internal outbound spam in Office 365 environment | Article series index A quick reference for the article series My E-mail appears as a spam | Article series index | Part 0#17 The article index of the complete article series Introduction to the concept of internal outbound spam in general and in Office 365 and Exchange Online environment My E-mail appears as a spam – Introduction | Office 365 | Part 1#17 The psychological profile of the phenomenon: “My E-mail appears as a spam!”, possible factors for causing our E-mail to appear a “spam mail”, the definition of internal outbound spam. Internal spam in Office 365 – Introduction | Part 2#17 Review in general the term: “internal outbound spam”, miss conceptions that relate to this term, the risks that are involved in this scenario,
  • 16. Page 16 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com outbound spam E-mail policy and more. Internal spam in Office 365 – Introduction | Part 3#17 What are the possible reasons that could cause to our mail to appear as spamjunk mail, who or what are this “elements”, that can decide that our mail is a spam mail?, what are the possible “reactions” of the destination mail infrastructure that identify our E- mail as spamjunk mail?. Commercial E-mail – Using the right tools | Office 365 | Part 4#17 What is commercial E-mail? Commercial E-mail as part of the business process. Why do I think that Office 365 Exchange Online is unsuitable for the purpose of commercial E-mail? Introduction if the major causes for a scenario in which your organization E-mail appears as spam My E-mail appears as spam | The 7 major reasons | Part 5#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail:
  • 17. Page 17 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com 1. E-mail content, 2. Violation of the SMTP standards, 3. BulkMass mail My E-mail appears as spam | The 7 major reasons | Part 6#17 Review three major reasons, that could lead to a scenario, in which E- mail that is sent from our organization identified as spam mail: 4. False positive, 5. User Desktop malware, 6. “Problematic” Website Introduction if the subject of SPF record in general and in Office 365 environment What is SPF record good for? | Part 7#17 The purpose of the SPF record and the relation to for our mail infrastructure. How does the SPF record enable us to prevent a scenario in which hostile elements could send E-mail on our behalf. Implementing SPF record | Part 8#17 The “technical side” of the SPF record: the structure of SPF record, the way that we create SPF record, what is the required syntax for the SPF record in an Office 365 environment + mix mail environment, how to verify the existence of SPF record and so on.
  • 18. Page 18 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com Introduction if the subject of Exchange Online - High Risk Delivery Pool High Risk Delivery Pool and Exchange Online | Part 9#17 How Office 365 (Exchange Online) is handling a scenario of internal outbound spam by using the help of the Exchange Online- High Risk Delivery Pool. High Risk Delivery Pool and Exchange Online | Part 10#17 The second article about the subject of Exchange Online- High Risk Delivery Pool. The troubleshooting path of internal outbound spam scenario My E-mail appears as spam – Troubleshooting path | Part 11#17 Troubleshooting scenario of internal outbound spam in Office 365 and Exchange Online environment. Verifying if our domain name is blacklisted, verifying if the problem is related to E-mail content, verifying if the problem is related to specific organization user E-mail address, moving the troubleshooting process to the “other side.
  • 19. Page 19 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Domain name and E-mail content | Part 12#17 Verify if our domain name appears as blacklisted, verify if the problem relates to a specific E-mail message content, registering blacklist monitoring services, activating the option of Exchange Online outbound spam. My E-mail appears as spam | Troubleshooting – Mail server | Part 13#17 What is the meaning of: “our mail server”?, Mail server IP, host name and Exchange Online. One of our users got an NDR which informs him, that his mail server is blacklisted!, How do we know that my mail server is blacklisted? My E-mail appears as spam | Troubleshooting – Mail server | Part 14#17 The troubleshooting path logic. Get the information from the E-mail message that was identified as spamNDR. Forwarding a copy of the NDR message or the message that saved to the junk mail
  • 20. Page 20 of 20 | What is SPF record good for? | Part 7#17 Written by Eyal Doron | o365info.com My E-mail appears as spam | Troubleshooting – Mail server | Part 15#17 Step B – Get information about your Exchange Online infrastructure, Step C – fetch the information about the Exchange Online IP address, Step D – verify if the “formal “Exchange Online IP address a De-list your organization from a blacklist | My E-mail appears as spam | Part 16#17 Review the charters of a scenario in which your organization appears as blacklisted. The steps and the operations that need to be implemented for de-list your organization from a blacklist. Summery and recap of the troubleshooting and best practices in a scenario of internal outbound spam Dealing and avoiding internal spam | Best practices | Part 17#17 Provide a short checklist for all the steps and the operation that relates to a scenario of – internal outbound spam.