In order to protect our customers from malicious email to fax activity (ex email spoofing), we have implemented email security measures designed to help prevent such activity.
These policies include the requirement of SPF and DKIM records for any email domain that wishes to utilize our Email to Fax function. DMARC records are also highly encouraged.
Any inbound emails that fail to pass the verification of SPF and DKIM will be automatically rejected.
What is SPF, DKIM, and DMARC?
SPF is a TXT record on YourDomain.com that tells email providers that only a certain set of IP addresses can be used to send emails as YourDomain.com.
A typical SPF record looks something like the following:
v=spf1 ip4:34.243.61.237 ip6:2a05:d018:e3:8c00:bb71:dea8:8b83:851e include:thirdpartydomain.com -all
DKIM is also a TXT record that helps to verify emails coming from YourDomain.com. On the server-side, DKIM signs each email and provides a link to verify the signature. This link is an actual DNS record that includes a public signature.
An example of a DKIM record looks like the following:
v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhkOo8s6fh9Byz1uy69tfQ6eUnzi/5P22EWccwI1PdmCpiyNwZcq3vOS2MHbVYB+ZY6wbBksu3zEHbZY9OTlJ3+dzt8qTUNW5olkNVl4ecDv3XO2ML8q5sxQL+dwQU6UAQiDAAC/ZRWwiXHrSsr90pqH1Q0vhB7Kp6DHrWYJquQIDAQAB
In addition to SPF and DKIM, we also encourage customers to deploy a DMARC record. DMARC is a policy that tells what to do with emails that didn't pass the verification of SPF and DKIM.
A typical DMARC record looks like the following:
v=DMARC1; p=reject
Here are links to additional help articles on setting up SPF, DKIM, and DMARC:
- Sender Policy Framework (SPF) - SPF specifies which domains can send messages for your organization.
- DomainKeys Identified Mail (DKIM) - DKIM verifies that message content is authentic and not changed.
- Domain-based Message Authentication, Reporting & Conformance (DMARC) - DMARC specifies how your domain handles suspicious emails.