Posted by Richard Kennedy on 10/03/16 15:30
Email spoofing is the creation of email messages with a forged sender address. It is easy to do because the core protocols do not have any mechanism for authentication. It can be accomplished from within a LAN(Local Area Network) or from an external environment. Spam and phishing emails typically use such spoofing to mislead the recipient about the origin of the message.
By adding SPF (Sender Policy Framework) records to your existing DNS information, this will increase the chances that any spoofed email will be detected and is an added security measure, as all incoming emails will have the sender information validated. Please note that by adding an SPF record does not make this 100% full proof.
Here are some external articles about spoofing:
Below are the SPF records, please use the one relevant to your platform.
"v=spf1 a:dispatch-us.ppe-hosted.com ~all"
"v=spf1 a:dispatch-eu.ppe-hosted.com ~all"
Please Note: Proofpoint Essentials does not block an email outright for the SPF entry. This is because there are a large number of domains that have an incorrect SPF record. We will just increase the overall spam score.
A soft fail (~all) will increase the spam score moderately (which may not quarantine a message dependent on your spam threshold specified) whereas a hard fail (-all) will increase the score aggressively and quarantine the message if triggered.