A common phishing method is “pretend” to send emails from your own domain, even when it’s clearly from a fraudulent sender.

Unfortunately, email was designed well before fraudulent methods were thought of so it has numerous weaknesses when it comes to ensuring the integrity of the emails. Most of the additional security features are mostly afterthoughts rather than integral parts of the system.

Prevention Methods

To help ensure only legitimate emails from your domain are possible the two critical areas are:

  1. SPF: SPF Guide (ensuring hard fail is used)
  2. DKIM: Enabling DKIM Signing

Optionally, you can also enable DMARC for additional reporting as well and configure emails to reject.


Regardless of what you request, ultimately it’s up to the end mail server accepting the email to decide if they follow the SPF, DKIM and DMARC guidance or not.

Some may use more aggressive features whereas others will ignore or use alternative methods of authenticating the email.

Was this article helpful?

Related Articles