Hi All,
Haven’t posted here as I was having issues seeing replies to my own posts. Hopefully I can view at this time.
We had a recent issue where someone spoofed the owner of the company. A team member changed some enhanced settings in Google admin console to help, however I thought it might be due to dns records. The owner was not the only user that the spoofing alerts went off with, however because it was him, everyone got concerned.
I checked the client DNS in Amazon route 53. They have an SPF and DKIM. However there is no DMARC record. I am still reading more on both to determine the best fix. I am unable to find a solid answer so I’m asking the community. Is a DMARC record needed to check SPF or DKIM? Will they be checked independently or is there a specific settings to create the check? It’s been a while since I dealt with email security, however the only thing I noticed is that DMARC is the only record not in DNS.
Thanks all,