- 10-03-22There's always a workaround: why censorship doesn't work
- 15-04-21AVG: Dutch CIOs vs. US cloud providers
- 10-03-21Grapperhaus thinks installing a backdoor does not weaken encryption
- 12-02-21Max & BIT - Secure video calling within WordPress with Jitsi
- 03-11-20BIT provides support with ISAE 3402, ISAE 3000 and SOC 2 certifications
- 20-10-20Security monitoring at BIT
- 02-10-20Deep Dive in the BIT colocation network
- 24-07-20SMF or MMF? And what exactly is dispersion on a glass fiber?
- 01-07-20Network statistics in the BIT Portal: techniques and tools
- 17-06-20Email at BIT protected against spam and phishing by using DMARC
Prevent abuse of your unused domain name
08-05-2019 13:37:01
Another popular method to abuse your unused domain name is sending email from that unused domain name.
Many businesses and organisations register large amounts of domain names as a defensive strategy. This is to prevent a competitor or criminal from registering a domain name that is similar to theirs or their brand’s. However, if such companies do not protect these domain names as well as the ones they do actively use, they are still at risk of abuse. A criminal can use a defensively registered domain name to send emails from. And because the domain names are so similar to the real domain name, it increases the chances of users opening the email.
This kind of abuse is relatively easy to prevent by letting email providers know that they should not accept email from this domain. Add a so-called 0 MX record, configure an SPF record that holds no IP address and include a DMARC record that advises to decline all email that is not ‘aligned’.
@ IN MX 0 .
@ IN TXT "v=spf1 -all"
@ IN TXT "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; pct=100"
A small effort that goes a long way towards making the internet a little safer!
By: Wido Potters