Email Fraud Defense Flashcards
Email Fraud Defense
makes our email authentication simpler and can help us identify which email senders are legitimate and monitor anomalous senders.
DNS
Domain Name System; naming system for computers, services, and other resources in the Internet or other Internet Protocol
SPF
Sender Policy Framework (SPF) including its implementation, and challenges; checks if server is authorized to send email on behalf of the domain.
DKIM
DomainKeys Identified Mail (DKIM) including its implementation and challenges; Digital signature.
Outbound email gateway
outgoing mail server or SMTP server that sends email from a domain to external recipients on the internet
Domain
main part of a website URL that represents a company or entity on the internet; contains the TLD and SLD (ex: dell.com)
Subdomain
subset of a larger domain, used to organize and structure content within the main domain (ex: erg.dell.com)
SPF alignment
when the message’s SPF domain and the header’s From: domain match, or share the same parent domain
DKIM alignment
the DKIM domain found in the DKIM signature matches the header’s From: domain
Relaxed
subdomains are aligned with parent domains
Strict
domains MUST match exactly (ex: us.erg.dell.com would NOT align with erg.dell.com)
How do you pass DKIM?
a message must pass EITHER SPF and SPF alignment OR DKIM signatures and DKIM alignment; only one needs to pass and align
Policy=none
tells recipient networks to ignore that the email fails DMARC authentication
Policy=quarantine
tells recipient networks to quarantine messages that fail DMARC authentication; ends up in spam or junk folder
Aggregate reports provide high level info on…
o IP address of sender
o Total number of emails sent by a sender
o SPF, DKIM, and DMARC authentication results of those emails; includes all metadata