Email Security
SPF, DKIM, DMARC, email filtering, and phishing prevention.
Overview
Email security protects against spam, phishing, and malware.
Email Authentication
SPF (Sender Policy Framework)
example.com. IN TXT "v=spf1 mx ip4:192.168.1.0/24 -all"
DKIM (DomainKeys Identified Mail)
selector._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGfMA0G..."
DMARC (Domain-based Message Authentication)
_dmarc.example.com. IN TXT "v=DMARC1; p=reject; rua=mailto:admin@example.com"
Email Filtering
# Spam detection
def check_spam(email):
spam_score = 0
# Check sender reputation
if email.sender in blacklisted_senders:
spam_score += 10
# Check content
spam_words = ['free', 'winner', 'click here']
for word in spam_words:
if word in email.body.lower():
spam_score += 1
return spam_score > 5
Email Security Gateway
| Feature | Purpose |
|---|---|
| Anti-spam | Block junk mail |
| Anti-phishing | Detect phishing |
| Anti-malware | Scan attachments |
| DLP | Prevent data loss |
| Encryption | Protect content |
Phishing Indicators
Architecture Diagram
Red Flags:
ā Suspicious sender domain
ā Urgent action required
ā Poor grammar/spelling
ā Unexpected attachments
ā Suspicious links
ā Request for credentials
Secure Email Configuration
# SMTP with TLS
import smtplib
from email.mime.text import MIMEText
msg = MIMEText('Secure message')
msg['Subject'] = 'Important'
msg['From'] = 'sender@example.com'
msg['To'] = 'recipient@example.com'
with smtplib.SMTP('smtp.example.com', 587) as server:
server.starttls()
server.login('user', 'password')
server.send_message(msg)
Best Practices
- Implement SPF/DKIM/DMARC ā Prevent spoofing
- Email encryption ā S/MIME, PGP
- User training ā Phishing awareness
- Attachment filtering ā Block dangerous types
- Link protection ā URL scanning
Practice
Configure SPF, DKIM, and DMARC for a domain.