AntiEmailSpoof - Email Domain Security Checker

How It Works

This tool checks two essential email security protocols:

• SPF (Sender Policy Framework): Verifies which mail servers are authorized to send emails from your domain.
• DMARC (Domain-based Message Authentication, Reporting & Conformance): Tells receiving mail servers what to do with unauthorized emails.

Why It's Important

Email spoofing is a common technique used in phishing attacks where attackers impersonate legitimate email addresses. Proper SPF and DMARC configuration helps prevent:

• Phishing attacks
• Brand impersonation
• Email fraud

Recommended Configuration

To secure your domain against email spoofing:

1. Set up SPF record with all legitimate mail servers:
   v=spf1 include:_spf.google.com include:_spf.microsoft.com ip4:192.168.1.1 -all Copy

   This example allows emails from Google Workspace, Microsoft 365, and a specific IP address.

2. Configure DMARC policy:
   v=DMARC1; p=reject; rua=mailto:reports@yourdomain.com; pct=100 Copy

   Where:

   • p=reject - Reject unauthorized emails
   • rua=mailto:reports@yourdomain.com - Where to send reports
   • pct=100 - Apply to 100% of emails

Check Manually

You can verify your domain's configuration using these commands:

Check SPF Record:

Expected output example:
yourdomain.com. 3600 IN TXT "v=spf1 include:_spf.google.com -all"

Check DMARC Record:

Expected output example:
_dmarc.yourdomain.com. 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:reports@yourdomain.com; pct=100"