How to stop email spoofing of parked domains

Publishing a DMARC record for unused domains is a good idea. Here's how.

incoming emails / DNS security / locked server / parked domain
Thinkstock / Imaginima / Getty Images

Deploying DMARC to prevent email spoofing is a no-brainer. No one wants spoofed email from @yourdomain.com that could easily lead to a successful phishing attack or business email compromise (BEC). But have you deployed DMARC (Domain-based Message Authentication, Reporting and Conformance) for domains you own that do not send or receive email?

Consider this: If you run acmecorp.com, maybe you also own acnecorp.com. Not saying your complexion is poor, but it's a good typosquatting purchase, and a cheap insurance policy against phishing or impersonation. With DMARC deployed for acmecorp.com, spoofed emails like IAmTheCEO@acmecorp.com are toast. What about a spoofed email from acnecorp.com? You see the problem.

Publishing a DMARC record that says, "Yo, world! This domain is never, ever used for email, and if you ever get email from this domain, it is by definition not genuine" is the best way to prevent this kind of attack.

How to turn off email for parked domains

To continue reading this article register now

What is security's role in digital transformation?