Another critical aspect is controlling the messages that enter our system to ensure we only receive what we want. Microsoft, Proofpoint, and Mimecast excel in this by effectively filtering out viruses and junk email, keeping our inboxes clean. Personally, I recommend utilizing a third-party service to scan messages before they reach your organization.
Here’s how it works: when someone sends an email, services like Proofpoint scan it, check for spam, and then deliver it to you. If your mailbox is in Microsoft 365, the email undergoes another scan before landing in your mailbox, providing an extra layer of security.
Speaking of spam filters, it’s crucial to ensure your messages aren’t mistakenly blocked by other spam filters. In the past, adding a SPF record sufficed, but now, newer technologies like DKIM and DMARC DNS records are highly recommended (you can learn more about this here). Although there are other options, DKIM and DMARC are becoming standard. Some people might think they don’t need DKIM or DMARC because their emails are being received fine, but having these records is vital. They not only enhance email security but also safeguard your organization’s reputation by preventing malicious actors from impersonating your domain and sending fraudulent emails.
Modern spam filters can utilize information from failed SPF and DKIM checks, generating reports based on your DMARC record. Implementing these measures helps demonstrate that you’re taking proactive steps to ensure the emails recipients receive truly originate from your organization. Microsoft 365 and Proofpoint offer DKIM support. Additionally, there are several reliable on-premises solutions for DKIM, some of which are free.
I’ve come across domain spoofing quite frequently. It’s when an email appears to come from CEO@compamy.com instead of the correct address CEO@company.com.
Did you spot the difference in the domains?
These subtle alterations can be hard to catch, and they can lead to significant problems. To minimize this risk, it’s a good idea to buy domains that are similar to yours in name. Also, consider acquiring domains with endings like .US, .EU, or .UK to further protect against spoofing attempts.
Domain spoofing can cause issues for both people inside and outside your organization. Often, these misleading emails involve incorrect bank routing numbers, leading to potentially serious problems. To tackle this, it’s wise to acquire similar domain names and configure SPF and DMARC records for them. These records clearly state that these domains don’t send emails, allowing spam filters to delete messages from these domains if detected. If your DMARC setup specifies where to send reports, you can trace the origins of these emails. We’ll delve into DNS intricacies in more detail in part two.
To help us categorize this information, we can reference the table below:
In essence, Exchange security is crucial for email protection and data integrity. A layered security approach, including MFA, robust email filtering, and DNS record implementation, is essential. Addressing domain spoofing is vital, mitigating risks by acquiring similar domains and configuring SPF and DMARC records. Stay tuned for part two for deeper insights into DNS intricacies.
If you’d like to learn more about Exchange security and how to better protect your IT infrastructure, please contact us by calling (502) 240-0404 or emailing firstname.lastname@example.org