trust Flashcards
(13 cards)
What are the three main indicators of trust in email?
Envelope (metadata like headers), Content (body and From field), and Context (what we know/believe about the sender or message).
Why can trusting the email ‘From’ field be misleading?
The content From: is part of the message and can be spoofed, while the envelope-from is set by sending systems and also not reliably authenticated in SMTP.
What are MX records used for?
MX (Mail eXchanger) DNS records indicate the mail server responsible for accepting emails for a domain, ordered by priority.
What does an MX lookup show for bath.ac.uk?
It returns bath-ac-uk.mail.protection.outlook.com with priority 10, showing where email for the domain should be routed.
What is the issue with SMTP security?
SMTP lacks built-in checks to verify message authenticity. Anyone can send an email pretending to be from any address.
What is SPF (Sender Policy Framework)?
A system where domain owners use DNS to list authorized mail servers for sending email from their domain.
What is DKIM (DomainKeys Identified Mail)?
It adds a digital signature to outgoing emails, allowing recipients to verify that the message came from the sender’s domain.
What did Yahoo require from bulk senders in 2024?
Yahoo began requiring SPF and DKIM for bulk emails to be accepted. Gmail followed with similar requirements.
What is DMARC and what does it do?
DMARC lets domain owners publish policies in DNS specifying how to handle unauthenticated messages using SPF/DKIM, and provides feedback reports.
How does DMARC determine policy enforcement?
It checks if the From: domain aligns with authenticated SPF or DKIM records. If either aligns, the email passes DMARC.
Why is DMARC adoption not universal?
Due to setup complexity, lack of staff/resources, confusing reports, and common use of the default ‘p=none’ policy which does not enforce protection.
What is a limitation of DMARC highlighted in 2024?
DMARC only prevents exact domain spoofing, not lookalike domains like xx.com impersonating x.com visually or stylistically.
What practical steps can users take to verify email trust?
Check link targets by hovering, verify DMARC records for the sending domain, and evaluate context cues like unexpected requests.
