PSA: Protect Your Email with DMARC

This post was originally published on this site

In the last few months, I’ve seen an uptick in spoofed emails being sent with my own personal email domain. Not only is this extremely annoying, but more problematic is that recipients receive spam and phishing emails from what seems to be my personal mail account, simply by spoofing the from address. I don’t know why domain and email address has been “chosen” for this, but I guess this is fallout from the LinkedIn breach way back in 2012.

I didn’t think there was much I could do about this, but a recent tweet by my friend Per Thorsheim sent me down the rabbit hole.

I love my hard-fail SPF & DMARC email policy, and using @dmarcian to see how spammers fail to take advantage of my domain. 😀

— Per Thorsheim (@thorsheim) April 12, 2017

@h0bbel @dmarcian Special offer for you my friend: Coffee & cake, and I’ll show you HOWTO. 😀

— Per Thorsheim (@thorsheim) April 12, 2017

So, obviously there are options available to me that I was completely unaware of. I haven’t managed any public facing email services for 6-7 years, so I’ve not kept up with whatever has been happening in that particular space. Also, my