Reducing Cyber Risk and Improving Email Deliverability by using SPF and DKIM

Reducing Cyber Risk and Improving Email Deliverability by using SPF and DKIM RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange reduces the threat of cyber-attacks and improves email security and deliverability.

Cybercrime is fast-becoming a major problem. Reducing the threat of cyberattacks and improving email security and deliverability is now the number one priority for leading organisations worldwide.

At the core of any cyber defence is the improvement of email security and protecting the system against spam, phishing campaigns and other types of email-based attacks.

According to ZDNet, almost half of all businesses in the UK have succumbed to phishing attacks, with similar numbers reflected around the globe. Cybercrime is peaking and its methods are becoming more sophisticated. Businesses must therefore take the necessary steps to reduce their cyber risk and improve email deliverability.

Two of the most sophisticated security mechanisms designed to provide organisations with better email security and deliverability include Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

All you need to know about SPF and DKIM

SPF allows email senders to define which IP addresses are allowed to send mail for a particular domain. DKIM provides a digital signature and encryption key that verifies whether an email message is altered or forged.

Let’s start by explaining what each one does and what it can do to help improve your security:

What is SPF?

SPF is a tried-and-tested anti-spam approach, which authenticates the internet domain of an email sender. The benefits of undertaking such a task is to pinpoint spam mailers, those who routinely disguise the origin of their email through spoofing.

Within its information security page, StackExchange outlines how SPF uses DNS to publish a record of all mail transfer authorities (MTA) authorised to send mail on behalf of the domain. Recipient MTAs then query DNS for the SPF record and reconcile the list of approved IP addresses against the path the message actually took.

What is DKIM?

DKIM is a sophisticated email authentication method configured to detect forged sender addresses in emails. Often used to counteract phishing and email spam, DKIM cleverly fixes a digital signature to each outgoing email message to ensure its identifiable.

For the average individual, an email stating that it’s from Ebay or PayPal, for example, might not appear as a forged email. That’s why, according to SecurityTrails, it’s important to protect yourself from becoming a victim of email-based attacks. This is where DKIM comes into play.

StackExchange perfectly describes how DKIM uses asymmetric cryptography to digitally sign a message. A domain has a public/private key pair. DKIM will take a hash of several fields of an email, including To:, From:, Date:, etc. This hash is then signed with the private key of the domain and placed in the DKIM header. The domain public key is published in DNS and used to verify the authenticity of the email. Hence, improving email deliverability and security.

What are the benefits of having SPF and DKIM?

According to SparkPost, if you are a business that sends transactional or commercial emails, using both SPF and DKIM is a must. Not only will they protect your business from phishing and spoofing attacks, but will help protect your customer relationships and brand reputation. Ensuring your business-critical emails reach your customers’ inbox on time and not in their spam folder is key to business success in today’s highly-competitive market.

Reducing cyber risk

With the obscene amount of cyberattacks taking place worldwide, the reputation of organisations of any size are on the line. Doing nothing at all is no longer an option. By establishing basic cybersecurity measures, you are helping to protect your data and the reputation of your brand.

Alongside adopting SPF and DKIM to improve email deliverability and security, the National Cyber Security Centre suggests implementing the following basic cybersecurity measures to reduce cyber-attacks:

• Boundary firewalls and internet gateways — establish network perimeter defences, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent users’ computers from communicating directly with the Internet

• Malware protection — establish and maintain malware defences to detect and respond to known attack code

• Patch management — patch known vulnerabilities with the latest version of the software, to prevent attacks which exploit software bugs

• Whitelisting and execution control — prevent unknown software from being able to run or install itself, including AutoRun on USB and CD drives

• Secure configuration — restrict the functionality of every device, operating system and application to the minimum needed for business to function

• Password policy — ensure that an appropriate password policy is in place and followed

• User access control — include limiting normal users’ execution permissions and enforcing the principle of least privilege

How to improve email security and deliverability

RiskXchange is one of the firms leading the fight against cybercrime and devising ways to improve email deliverability and security. By checking and monitoring SPF and DKIM settings, RiskXchange can make sure they have been configured correctly across your enterprise and your supply chain (eco-systems).

Once these protocols are properly installed, you will be taking the right steps toward reducing the threat of cyberattacks and improving email security and deliverability within your organisation.

About RiskXchange

RiskXchange is an information security technology company, that helps companies of all sizes fight the threat of cyber-attacks by providing instant cyber ratings for any company across the globe.

RiskXchange was founded and is led by recognised experts within the security industry, who have held leading roles within companies such as IBM Security.