DMARC
When was the last time you reviewed your email security settings?
If you are like most people, it probably isn’t recently.
And yet, if not properly configured, an attacker could potentially spoof your email domain and send email messages to employees, or even clients, that appear to be coming from your email service!
One configuration that is often overlooked is DMARC.
DMARC stands for “Domain-based Message Authentication, Reporting and Conformance”, and it is specifically designed to prevent email spoofing.
To accomplish this, the DMARC record should, at first, be set up in monitor mode and include both the ruf (forensic reports) and rua (aggregated reports) values.
After a DMARC record has been given sufficient time in monitor mode (i.e. p=none), the policy should be set to at least quarantine (p=quarantine), if not reject (p=reject).
You can easily test your email service’s DMARC settings with the online service https://dmarcian.com/domain-checker/.
If you are looking for a reliable and experienced offensive security service that provides Rock Solid Security, look no further than PEN Consultants for all your information and cybersecurity testing needs. Contact us: https://penconsultants.com/contact-us/