Should I set up SPF, DKIM, DMARC, or forward email to Gmail account?

  • Thread starter WWGD
  • Start date
  • Tags
    Email
In summary, setting up SPF, DKIM, and DMARC is essential for enhancing email security and preventing spoofing, while forwarding emails to a Gmail account can simplify management but may compromise these protections. Choosing between these options depends on your specific needs for email deliverability and security.
  • #1
WWGD
Science Advisor
Gold Member
7,411
11,414
TL;DR Summary
Tired of (seemingly) excessive Spam, email spoofing scam. Should I set protocols or forward mail through filter
Ok, so now occasional spam, scam mails in my Outlook account have become almost weekly, and I want to reduce them to the degree feasible. Ive had my account spoofed too. Upon reading, seems setting up the triplet SPF, DKIM, DMARC, will lower such junk. Another option is forwarding my Outlook emails to a Gmail account. This would provide double-filtering and it's simpler to implement. The three above protocols are implemented in gmail under the hood. The latter seems preferable, less effort. Just to see what others here think. TIA.
 
  • Like
Likes amarsharmaastrologer
Computer science news on Phys.org
  • #2
WWGD said:
Ok, so now occasional spam, scam mails in my Outlook account have become almost weekly,
"almost weekly"?!? You lucky dog! I get several a day, and occasionally I get dozens in a batch. They are usually easy to recognize from the title. It's a routine thing to delete them.
 
  • #3
FactChecker said:
"almost weekly"?!? You lucky dog! I get several a day, and occasionally I get dozens in a batch. They are usually easy to recognize from the title. It's a routine thing to delete them.
Well, I agreed , until my email account started being spoofed. I don't mind making the effort to implement a few protocols or forward my messages. Do you get yours in an Outlook or a Gmail ( or other) accounts?
 
  • #4
DMARC is a super pain in the rear and hardly does anything but load up my email with provider reports daily. You should however set up SPF and DKIM. Those are essential these days to not land in the spam box.
 
  • Like
Likes WWGD
  • #5
Greg Bernhardt said:
DMARC is a super pain in the rear and hardly does anything but load up my email with provider reports daily. You should however set up SPF and DKIM. Those are essential these days to not land in the spam box.
Thank you. the reason for for the forwarding was to avoid Outlook's reputation as "Your Grandma's email program". I will combine SPF, DKIM with Tron Script and Rkill as a basic security setup; using them after starting in Safe Mode, if needed. Safe Mode, RKill, then Tron Script( Which sounds like a German pronounciation of " Transcript " in English)
 
  • #6
WWGD said:
Upon reading, seems setting up the triplet SPF, DKIM, DMARC, will lower such junk.
All of these protocols are used to identify a sender. If an email server can verify the identity of the sender, it will either flag it as spam or even reject it. Hotmail and Gmail are both doing this [basic] verification on all incoming emails. They also, of course, identify themselves appropriately with all outgoing emails.

To lower junk with them, you must classify the undesired emails as spam to help the spam filters do their job.

To get full control, you should make a filter for a whitelist for your inbox, a blacklist for deleting already known undesirable emails, and send the rest to your spam folder by default for you to review carefully before answering them.
Greg Bernhardt said:
DMARC is a super pain in the rear and hardly does anything but load up my email with provider reports daily.
If the daily reports are no longer relevant, you can remove the rua and ruf tags (containing your email address) from your SPF record. Those tags are optional:

https://www.rfc-editor.org/rfc/rfc7489#section-6.3 said:
rua: Addresses to which aggregate feedback is to be sent (comma-
separated plain-text list of DMARC URIs; OPTIONAL). [...] A
Mail Receiver MUST implement support for a "mailto:" URI, i.e.,
the ability to send a DMARC report via electronic mail. If not
provided, Mail Receivers MUST NOT generate aggregate feedback
reports. URIs not supported by Mail Receivers MUST be ignored.
[...]

ruf: Addresses to which message-specific failure information is to
be reported (comma-separated plain-text list of DMARC URIs;
OPTIONAL). If present, the Domain Owner is requesting Mail
Receivers to send detailed failure reports about messages that
fail the DMARC evaluation in specific ways (see the "fo" tag
above). [...] A Mail Receiver
MUST implement support for a "mailto:" URI, i.e., the ability to
send a DMARC report via electronic mail. If not provided, Mail
Receivers MUST NOT generate failure reports. [...]
 
  • Like
Likes Greg Bernhardt and WWGD
  • #7
Thanks all. Does anyone know how I can access my DNS records, given I have a basic old Outlook account, and not one from an "External " domain such as GoDaddy I can look it up in? I also don't have a license for Office 365 , which would allow me to access my DNS reccords through Office 365 Admin.
 
  • #8
Modifying DNS records is for the owner of the domain name only (for example, hotmail.com or gmail.com).

Reading them is public. Here is a popular online tool to access them: https://mxtoolbox.com/SuperTool.aspx
 
  • Like
Likes WWGD
  • #9
WWGD said:
Upon reading, seems setting up the triplet SPF, DKIM, DMARC, will lower such junk.

You have misread: these settings relate to mail you send, not (possibly junk) mail you receive. They are not settings related to your individual email account, they relate to all mail sent from a domain, and If you are using an outlook.com email address then these settings are implemented on Microsoft's servers and there is no purpose (other than curiosity) in looking at them.

WWGD said:
Another option is forwarding my Outlook emails to a Gmail account. This would provide double-filtering and it's simpler to implement.

If you want a different level of filtering then it would be even simpler to just change your settings for your outlook.com account: https://support.microsoft.com/en-gb...l-filter-e89c12d8-9d61-4320-8c57-d982c8d52f6b
 
  • Like
Likes WWGD
  • #10
pbuk said:
You have misread: these settings relate to mail you send, not (possibly junk) mail you receive. They are not settings related to your individual email account, they relate to all mail sent from a domain, and If you are using an outlook.com email address then these settings are implemented on Microsoft's servers and there is no purpose (other than curiosity) in looking at them.



If you want a different level of filtering then it would be even simpler to just change your settings for your outlook.com account: https://support.microsoft.com/en-gb...l-filter-e89c12d8-9d61-4320-8c57-d982c8d52f6b
Thanks, I did get that it was my outgoing mail that would be affected. Just wanted to do my part. But, I get it, Microsoft has implemented it domain-wide.
 
  • #11
Ok, thanks all. I realized the three protocols are implemented at the _ domain_ level and I have just an email account and not a domain. Besides, Hotmail/Outlook, does implement it at the domain level. Egg on my face, big disgrace, etc.
 

Similar threads

Using Word for Equation Editing
Replies
15
Views
1K
Recently received email from PF. is it spam?
Replies
7
Views
3K

Hot Threads

Recent Insights

Back
Top