Don't Get Spoofed: MX, SPF, DKIM, and DMARC

one of my first cybersecurity gigs was helping a client lock down their email domain after they realized someone was spoofing their email address. last week i found myself dealing with email domain records again, first for another client who got a new domain and wanted to switch email clients and then for myself as i set up ART Educational with Proton Mail. there are five major things to consider with email: the MX record which defines routing from the email domain to the email server, the SPF record that ensures that sent emails come from authorized servers, the DKIM record that verifies that the emails haven’t been altered in transit, and the DMARC record that sets polices that instruct the recipient mail servers on how to handle authentication failures.it isn’t all that complicated but you would be amazed how often email isn’t set up correctly or with full security. for a small business this can be catastrophic as emails will go unsent, get rejected, end up in recipients spam folders, or worst of all, be sent by malicious actors pretending to be you and asking for money or sensitive information seemingly from your email address.