Protect Domains that do not send email

by | Jul 27, 2023 | Security, Tech Tips | 1 comment

Protect Domains that do not send email

If you own a domain name that you do not use for sending emails, it is essential that you configure these domains correctly so that email servers around the world know not to accept emails from these domains.

Even if you are not using a domain to send email, without taking these steps, there is nothing to stop spammers any cybercriminals from sending spoofed email impersonating your domain, pretending to be from you and thus damaging your reputation.

This is very common for businesses to use one domain (such as yourdomain.com) for their website and email, but also own other TLD’s such as .co.uk, .UK, .net etc or alter spellings or variations of their domain, which are not used for anything.

Here are 4 simple things to do in DNS now to help protect domains that do not send email:

1. Create an SPF Record

In your DNS Management portal, create a TXT Record with the following value:

v=spf1 -all

This will tell email servers around the world that your domain name should not send any email, giving them an indication that emails from this domain should be considered spam.

Useful Tools: SPF Record CheckSPF Record Generator

How to create an SPF Record:
Create a TXT Record with these values:

  • Host: Either leave blank, or enter @
  • Value: v=spf1 -all
  • TTL: Leave default, or enter 1800

GoDaddyDnsMadeEasyNetRegistry

2. Create a DKIM Record

In your DNS Management portal, create a TXT Record with the following value:

v=DKIM1; p=

This record will tell the recipient’s mail server that the email signature isn’t valid because it sees the key as “revoked”. The way we do this is by specifying an empty key. In normal DKIM records, there are additional fields, but they aren’t needed since we are trying to create an intentionally denied record.

Tools: DKIM Record Lookup

How to create a DKIM Record:
Create a TXT Record with these values:

  • Host: *._domainkey.<your domain>
  • Value: v=DKIM1; p=
  • TTL: Leave default, or enter 1800

GoDaddyDnsMadeEasyNetRegistry

3. Create a DMARC Record

In your DNS Management portal, create a TXT Record with the following value:

v=DMARC1; p=reject; pct=100;

This will instruct receiving email servers to reject the emails.

Tools: DMARC Check Tool

How to create a DMARC Record:
Create a TXT Record with these values:

  • Host: *._domainkey.<your domain>
  • Value: v=DMARC1; p=reject; pct=100;
  • TTL: Leave default, or enter 1800

GoDaddyDnsMadeEasyNetRegistry

4. Remove MX Records

In your DNS Management portal, delete and remove any MX Records that are published.

This will show email servers worldwide that the domain should not receive any emails also.

Click here to learn more about email authentication and DMARC

Need Help?

If you would like help with anything mentioned here

GET IN TOUCH

Related Posts:

0 0 votes
Article Rating
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

Managed Web Services

Covering Margate, Broadstairs, Ramsgate, Westgate, Birchington,Minster, Manston &  surrounding postcodes in Thanet and Kent.

Contact

Kent Innovation Center
Millennium Way
Broadstairs
Kent
CT10 2QQ

Tel: 01843 808480

 

Reviews from Google

  • Great work when helping me with some wordpress and SEO issues on my site! Plan to use again 🙂

    josh juniper Avatar josh juniper
    July 28, 2022

  • Awesome work! I really appreciate how well he applied all my thoughts and ideas into the website with no problems. I recommend Russ Michaels for all your website builds.

    Steven Saviors Avatar Steven Saviors
    August 26, 2020

  • Russ dealt with our project in a very professional and timely manner. He added value but making some very important recommendations around security. Thoroughly recommend and we will be working... read more

    Christian Blair Avatar Christian Blair
    September 20, 2019

  • We were very happy with Russ. He helped us sort out the email setup with google workspace and dmarc configurations and all is running smooth now. Thanks for your patience... read more

    Lakshmanjoo Academy Avatar Lakshmanjoo Academy
    February 28, 2023

  • Russ was excellent working on my small project. He was very helpful, knowledgable and conscientious. And very patient with my lack of technical know-how. I will hire him again for... read more

    Tina Richards Avatar Tina Richards
    June 26, 2019

  • Russ is great to work with, definatley knows his stuff and has become our go to IT man. Highly recomended .

    Elliot Higgins Avatar Elliot Higgins
    August 22, 2019

  • Worked with Russ for a good six months now and coming from a classic 'non techie' he has actually taught me a thing or two! Communication excellent and all issues... read more

    Medical Aesthetics Knutsford Avatar Medical Aesthetics Knutsford
    April 28, 2022

  • Russ is highly professional, delivers very high quality work on time . I would highly recommend him.

    Kim Barrow Avatar Kim Barrow
    January 19, 2020

  • Top notch services! We have worked with Russ on a few projects now and him helping us out has been like having a dedicated IT & Web Support... read more

    Farai Macheka Avatar Farai Macheka
    May 28, 2023

  • Russ has completely redesigned by website and SEO, now it looks a lot more professional, visually appealing and also secure. In just a month, my website visits have rocketed and... read more

    Bea B. Avatar Bea B.
    March 13, 2019
1
0
Would love your thoughts, please comment.x
()
x
Share This