top of page
  • OpaCyber

Why your outbound email security sucks and what you can do about it - part 1

In easy-to-understand terminology (we hope), this month we’re going to take a look at email delivery and security (please try to contain yourselves)

That’s YOUR outbound email, not the spam and phishing you receive 🤣

Excited? 🤦‍♂️Then let’s begin!

There are three components in the sending of email:

  1. SPF - Sender Policy Framework

  2. Dkim (Dee Kim) - Domain-keys Identified Mail

  3. Dmarc (Dee Marc) - Domain-based Message Authentication, Reporting, and Conformance

No need to remember these, there won’t be a test at the end 🤣🤣

These are supposed to work in harmony like The Supremes or The Ronettes (ask your parents, or maybe your grandparents!🤦‍♂️). If one or more are “out of tune” (see what we did there?) your emails might:

  • be delayed

  • sent to junk

  • quarantined

  • just never arrive at all

So, why are the three components important? Well, if you:

  • Get them correct your emails will breeze along to the recipient like a motorcade for the President of the United States

  • Get them wrong and they might end up having the issues mentioned above

  • Get one of them (Dmarc) wrong and we (and actual nasty people) can spoof (impersonate) you and send emails pretending to be you. The hackers of the world thank you for your co-operation

We’ll break these down into single posts later but essentially just know that SPF and Dkim are Sender Verification methods (who or what is allowed to send emails on your behalf) while Dmarc tells the recipient email service what to do with “your” email if it doesn’t comply with the Sender Verification you have set

Next instalment soon - SPF! (We know, you can barely wait! 🤣)

Next post, SPF:


Commenting has been turned off.
bottom of page