While I’m thinking aloud, DMARC is also a really really good idea to prevent phishing. By setting the policy to “none”, you can start to quantify answers to the question: “Is my domain being used in phishing scams?”, and if it is, set the policy to “reject” to ensure that all emails purporting to be from your domain that fail validation are dropped.

This accounted for a substantial drop in PayPal phishing attacks over the last few years. (https://dmarc.org/2015/02/kaspersky-phishing-attacks-on-paypal-down-due-to-dmarc/)
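
As an added example (not part of the original post): once a `p=none` record with a `rua` reporting address is published, receivers send back aggregate XML reports, and this sketch tallies the messages that failed DMARC per source IP. The report, `example.com`, the mailbox name and the IP addresses are constructed, and the un-namespaced RFC 7489 report layout is assumed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Monitoring record (constructed):  _dmarc.example.com TXT
#   "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"
# Enforcing record, once legitimate senders all pass:
#   "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"

# Constructed aggregate report; IPs are from documentation ranges.
SAMPLE_REPORT = """<feedback>
  <policy_published><domain>example.com</domain><p>none</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
    <policy_evaluated><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>15</count>
    <policy_evaluated><dkim>pass</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.45</source_ip><count>42</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.99</source_ip><count>8</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""


def summarize(report_xml):
    """Return (passed, failed, failures_by_ip) message counts for one report."""
    # Real reports arrive from third parties and are untrusted input:
    # parse them with a hardened XML parser (e.g. defusedxml) in production.
    root = ET.fromstring(report_xml)
    passed = failed = 0
    failures_by_ip = Counter()
    for row in root.iter("row"):
        count = int(row.findtext("count", "0"))
        dkim = row.findtext("policy_evaluated/dkim")
        spf = row.findtext("policy_evaluated/spf")
        # DMARC passes when either the aligned DKIM or aligned SPF check passes.
        if dkim == "pass" or spf == "pass":
            passed += count
        else:
            failed += count
            failures_by_ip[row.findtext("source_ip")] += count
    return passed, failed, failures_by_ip


if __name__ == "__main__":
    ok, bad, by_ip = summarize(SAMPLE_REPORT)
    print(f"passed={ok} failed={bad}")
    for ip, n in by_ip.most_common():
        print(f"  {ip}: {n} messages failed DMARC")
```

Sources that fail both checks are either spoofing the domain or legitimate senders that still need SPF/DKIM set up; sorting out the second group is what makes the later move to “reject” safe.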

Written by

Engineer. Staff at Anthrocon, Anthro New England, Midwest FurFest, Furry Migration, Eurofurence. AWS, Splunk, Docker, DMARC, White Mage, he/him
