Posted by Gary Williams on December 11, 2018

Over the past few weeks, I have been dealing a lot with spoofed email and unfortunately, in a few cases, the consequences of someone falling for a spoofed email. I do not blame the people who fall for them as the ones I have seen have been incredibly convincing. Today’s Anti-spam solutions are good once they have been tuned a little (and for this I always advocate whitelisting known good domains), but they will often pass spoofed email because essentially, a spoofed email is a legitimate business email. In fact, the people crafting these things do not want them to be caught up in a spam filter as the email is designed to fool someone into thinking it is real, clearly another mechanism is required to handle such emails – Enter SPF, DKIM and DMARC.

Learn More