Mail Spoofing

**Yankeeman07** · 06-17-2025, 08:18 AM

DKIM

DKIM (DomainKeys Identified Mail) is an email authentication method designed to protect your domain against spoofing, a method whereby a malicious actor sends email that appears to be from your domain. It also lends legitimacy to genuine emails that you send, reducing the chance of them ending up in recipient's junk folders.

What is mail spoofing?
Mail spoofing is where a malicious third party sends email using an email address on your domain as the "from" address. It is very easy to do, and is commonly used in phishing and spam email campaigns to add legitimacy. For example, receiving an email from [email protected] telling you to reset your password would look very convincing. Without email authentication like DKIM or SPF, there is no way to stop this.

A very important factor in spoofing is the sending server (SMTP server). You will have a mail provider you use to send email. For example, if your mail provider is Fasthosts, all your email will be sent from the Fasthosts SMTP servers. Someone spoofing your domain name will not be able to send email from the Fasthosts SMTP server, because you need to authenticate with the SMTP server with your mailbox password when you send an email. This means that when someone spoofs an email address on your domain name, they will need to send it through a different provider's SMTP server.

How does DKIM help stop this?
DKIM is provided by your email provider's SMTP server. When you set it up, every email you send will contain a unique, encrypted digital signature that tells a receiving server that the email being sent was authorised by the owner of the domain. When the receiving server processes the email, it will use a public key that you add to your DNS records to verify the signature. Malicious actors will not be able to forge this digital signature because they can't send through your SMTP server without your mailbox password, so any mail that is not sent through your authorised sending server (SMTP) will not contain the digital signature.

What about SPF?
SPF is another form of email authentication that you may be aware of, but works slightly differently. With SPF, you specify the IP addresses of the SMTP servers that are authorised to send email from your domain. SPF records are stored as TXT records in your domain's DNS records. If a malicious third party spoofs your email address and sends through a different SMTP server to the one specified in your SPF record, the mail would fail authentication with the receiving server.

Should I use SPF or DKIM?
The answer is both! Although using DKIM or SPF should protect you in most cases of spoofing, having both alongside a DMARC policy is the best form of protection. In theory, DKIM is more secure because it uses cryptography and also verifies the email hasn't been altered in transit. However, SPF adds an additional layer of security because it also allows you to define the IP address of your authorised SMTP server. Alongside DKIM, it is very difficult to spoof a domain that has both DKIM and SPF enabled. It also adds legitimacy to mail you send, meaning your email is less likely to end up in a recipients junk folder.

Are there any pitfalls?
When you set up SPF, DKIM or DMARC, it is essential that your DNS records are correct. If they are not, mail you send is likely to be rejected because receiving servers rely on your DNS records to verify the email that you send.

**Logan Plovnick AC&C** · 06-19-2025, 04:56 PM

Nice post!

Did you type all this yourself? Either way it's very informative providing great info so thank you for sharing!

**Yankeeman07** · 06-19-2025, 05:27 PM

Originally Posted by Logan Plovnick AC&C

Nice post!

Did you type all this yourself? Either way it's very informative providing great info so thank you for sharing!

No

A tech company I work - we assist companies in securing their email, updating DNS Records, tools for monitoring email, and implementing
ivp6 addresses on devices - eliminating public I.P.'s

**Logan Plovnick AC&C** · 06-20-2025, 03:22 PM

I like it thank you for sharing!

**B2 Systems** · 06-20-2025, 08:17 PM

Originally Posted by Yankeeman07

No

A tech company I work - we assist companies in securing their email, updating DNS Records, tools for monitoring email, and implementing
ivp6 addresses on devices - eliminating public I.P.'s

Would you say that email spoofing is a very big concern for most Isos? What's the value proposition for doing it, except maybe piggy backing off a very large brand...Even if you're able to send the email successfully, if the receiver responds back, you won't receive it.

--
B2 Systems
No-Touch, 100% Accurate Data Processing + Full Lender Submissions
Humans no longer required...

https://b2systems.io/

ISO Success Steps with B2 Systems:

Step [1]: Email App to Merchant
Step [2]: Enjoy Lunch
Step [3]: 3 Real Approvals When you Get Back
Step [4]: Close

David Tan - 15+ Years in Finance, Business, Tech

(321) 800-2304
Cocoa Beach, Florida

**Yankeeman07** · 06-20-2025, 10:56 PM

Originally Posted by B2 Systems

Would you say that email spoofing is a very big concern for most Isos? What's the value proposition for doing it, except maybe piggy backing off a very large brand...Even if you're able to send the email successfully, if the receiver responds back, you won't receive it.

--
B2 Systems
No-Touch, 100% Accurate Data Processing + Full Lender Submissions
Humans no longer required...

https://b2systems.io/

ISO Success Steps with B2 Systems:

Step [1]: Email App to Merchant
Step [2]: Enjoy Lunch
Step [3]: 3 Real Approvals When you Get Back
Step [4]: Close

David Tan - 15+ Years in Finance, Business, Tech

(321) 800-2304
Cocoa Beach, Florida

How much personal-financial data is handled incorrectly within this industry?

https://www.fbi.gov/how-we-can-help-...g-and-phishing

Thread Tools

Display

Mail Spoofing

Similar Threads

Who's Doing Direct Mail & Looking For High Quality Postals To Mail To?

G Mail's Dirty Little Secret!!

Private E-Mail Accounts

Direct Mail

Direct mail

Posting Permissions