Want more timely Centmin Mod News Updates?
Become a Member

Email Sysadmin Preventing email spoof?

Discussion in 'System Administration' started by Jon Snow, Oct 14, 2018.

  1. Jon Snow

    Jon Snow Active Member

    379
    61
    28
    Jun 30, 2017
    Ratings:
    +92
    Local Time:
    7:37 AM
    Nginx 1.13.9
    MariaDB 10.1.31
    I use Zoho.

    Got an email in my spam inbox today from my email address with the title "your email has been hacked". Now, I know it definitely has not been hacked but it's likely just email spoofing.

    Is there a way to prevent these types of things? I can see it doing a lot of damage.
     
  2. wmtech

    wmtech Member

    71
    19
    8
    Jul 22, 2017
    Ratings:
    +45
    Local Time:
    12:37 PM
    Use SPF and DMARC. All professional mail servers should have it set up. If you use a service without, switch the service.
     
    • Like Like x 1
    • Agree Agree x 1
  3. eva2000

    eva2000 Administrator Staff Member

    36,915
    8,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,438
    Local Time:
    9:37 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeahs steps for SPF/DKIM/DMARC which apply to centmin mod main host names at Email - Steps to ensure your site/server email doesn't end up in spam inboxes also apply to 3rd party @domain hosted emails like Zoho. Your Zoho setup should have instructions for SPF/DKIM setup and DMARC can be done via Postmark Email - Free Weekly DMARC Email Reports for Your Domain from Postmark

    old Zoho settings sticky including SPF/DKIM links Email - Zoho Mail Free @yourdomain.com Email Provider Setup Information
     
    • Like Like x 1
  4. Matt

    Matt Moderator Staff Member

    791
    351
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +534
    Local Time:
    11:37 AM
    1.5.15
    MariaDB 10.2
    I've been seeing more and more of this. A already stated, setting a correct SPF and DKIM value. While most people set the all on the end of the SPF record to ~all, this will still be accepted as a soft fail. If you've had good deliver ability on your domain, setting -all and a hard fail should be OK and stop the spoofing.
     
    • Like Like x 1
    • Informative Informative x 1
  5. eva2000

    eva2000 Administrator Staff Member

    36,915
    8,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,438
    Local Time:
    9:37 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah though tricky to decide if you want to set to hard fail vs soft fail SPF Hard Fail vs Soft Fail though from seems SPF is not enough I have SPF, do I really need DMARC to protect my domain? What does DMARC do that SPF does not?, DMARC is needed
     
  6. Matt

    Matt Moderator Staff Member

    791
    351
    63
    May 25, 2014
    Rotherham, UK
    Ratings:
    +534
    Local Time:
    11:37 AM
    1.5.15
    MariaDB 10.2
    Yeah, I have DMARC as well. It's a real minefield when it comes to email deliverability.
     
    • Agree Agree x 1
  7. eva2000

    eva2000 Administrator Staff Member

    36,915
    8,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,438
    Local Time:
    9:37 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Indeed that's why I wrote Email - Steps to ensure your site/server email doesn't end up in spam inboxes and why Centmin Mod doens't have native imap/pop3 support heh. Let the professional 3rd party @domain providers handle issues related to email deliverability on their end :)
     
..