Embedded Files
SPF / DKIM / DMARC
SPF / DKIM / DMARC
NOTE: You will need access to change DNS records for your domain to implement SPF, DKIM, and DMARC.
LEA spam protection is critical in preventing malicious actors from compromising the LEA. One layer in that protection is SPF, DKIM, and DMARC Once implemented, SPF, DKIM, and DMARC make it almost impossible to spoof an LEA’s email. This drastically reduces the risk of receiving malicious emails.
SPF, DKIM, and DMARC assist mail servers in knowing that senders are truly authorized to send emails from a domain. When properly set up, all three prove that the sender is legitimate, that their identity has not been compromised, and that they’re not sending email on behalf of someone else.
The National Institute of Standards and Technology, known as NIST, produced this document NIST Special Publication 800-177—Trustworthy Email, which covers all the aspects of securing email.
NOTE: LEAs may want to require all vendor's they work with to have SPF, DKIM, and DMARC records. It would be best practice to add this requirement to RFPs.
Protect parked, or unused domains
Protect parked, or unused domains
Some LEAs have two or more domains. LEAs should protect any non-sending domains with restrictive SPF/DKIM/DMARC records. Bad actors will actively search for unused domains to exploit.
Page updated
Report abuse