DNS-Based Defense: SPF

In this lesson, we will explore Sender Policy Framework (SPF), a DNS-based defense against phishing.

To understand these defenses and configure them for your domains, it is useful to be able to query DNS records. If you’re running a Unix-like operating system like macOS or Linux, you’ll have a program called dig installed, which you can run at the command line. The man page has more details, but for our purposes, all you need to know is to run dig with two arguments: the host or domain you want to learn more about, and the record type txt. That will look like this:

dig punkgrok.org txt
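
A domain usually publishes several TXT records, so the SPF policy has to be picked out of the answer. The script below is an added example, not code from this lesson: it filters `dig +short` output for the record that starts with `v=spf1` and reports how the record treats senders it does not list. The function names and the sample answer (example.com, 192.0.2.0/24) are constructed for illustration.

```shell
#!/bin/sh
# Added example: pick the SPF policy out of `dig +short <domain> txt` output.
# SAMPLE_TXT is constructed sample data, not a real DNS answer.
SAMPLE_TXT='"google-site-verification=CONSTRUCTED-PLACEHOLDER"
"v=spf1 ip4:192.0.2.0/24 include:_spf.example.com " "-all"'

# dig prints a long TXT record as several quoted chunks; join the chunks
# without adding spaces, drop the outer quotes, and keep only records
# whose version tag is exactly v=spf1.
spf_records() {
    sed -e 's/" "//g' -e 's/^"//' -e 's/"$//' | grep -i -E '^v=spf1( |$)' || true
}

# Report the SPF result that the "all" mechanism assigns to senders the
# record does not list: fail, softfail, neutral or pass.
spf_all_policy() {
    records=$(spf_records | tr 'A-Z' 'a-z')
    [ -n "$records" ] || { echo "none"; return 0; }
    count=$(printf '%s\n' "$records" | grep -c .)
    # More than one SPF record on a domain is a permanent error (RFC 7208).
    [ "$count" -eq 1 ] || { echo "permerror"; return 0; }
    case " $records " in
        *" -all "*) echo "fail" ;;
        *" ~all "*) echo "softfail" ;;
        *" ?all "*) echo "neutral" ;;
        *" +all "*|*" all "*) echo "pass" ;;
        *) echo "no-all" ;;
    esac
}

# Live use (needs network): dig +short punkgrok.org txt | spf_all_policy
printf '%s\n' "$SAMPLE_TXT" | spf_all_policy
```

A result of `none`, `permerror`, `pass` or `no-all` on a domain you own is worth a closer look, since none of them tells receivers to reject unlisted senders.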

The Problem with Email

Phishing emails that appear to have been sent from your domain are going to be more effective than phishing emails sent from other domains. So we’re going to take a look at three technologies that you can use to help prevent phishers from forging emails that appear to be sent from your domain: SPF, DKIM, and DMARC.

First, let’s look at a problem with email. Email is sent using a protocol called SMTP, or Simple Mail Transfer Protocol. SMTP is the protocol that allows mail servers from all over the internet to send email to one another. It’s too complex to cover in detail here. Check out Educative’s course Grokking Computer Networking if you wish to learn more about it. What we’ll emphasize here is that SMTP lets ...