In a previous article, we discussed why enabling Sender Policy Framework (SPF) on your email domains in important. However, an often-overlooked task in SPF is adding these records to domains that don’t send email.
Simply adding TXT record on these domains with a value of “v=spfv1 -all" will signal other mail servers that any mail coming from this domain is illegitimate and to block it. If your company operates multiple domains, use this simple tip to help prevent spoofing on those other domains. For example, if you own example.com (with SPF) and example.net (without SPF), an attacker may spoof an example.net email account and look perfectly legitimate. Adding the record above to all non-email domains can help prevent this.
We also highly recommend enabling DKIM and DMARC to better prevent spoofing.
For more information on this topic, please reach out to us; we’re here to help!