IT Solution for Spoofed Emails
EKU IT has implemented a solution on the eku.edu domain that will allow sender organizations to verify valid email messages from EKU. This should significantly decrease spoofs of employee email. Spoofed emails are used by spammers and phishers to impersonate legitimate sending domains (e.g., eku.edu). NOTE: A similar solution for the student email domain (mymail.eku.edu) is 3-6 months away according to a Microsoft blog.
The email solution uses three tools that work together not only as a spam/spoofing solution but overall email security.
Sender policy framework (SPF). This allows recipients to verify sender identity at the organizational level by allowing domain owners to publish, via DNS, the IP addresses that are authorized to send emails from their domains. If an email server can’t verify the sender’s address the email can be construed as forged.
Domain keys identified mail (DKIM). This is another step in the authentication process that includes a private and public cryptographic signing. The public key is published by EKU to vouch for the eku.edu domain. If an incoming email doesn’t have the matching private key, it fails authentication.
Domain-based message authentication (DMARC). The last piece works with the SPF and DKIM to provide detailed information on who is attempting to spoof the eku.edu domain when it occurs.
Image borrowed from dmarc.org