BuycPanel Blog

BuycPanel Blog

Latest news and updates

These Five Techniques Will Help You Say Goodbye to Phishing

Posted by Jamison on 09 05 2016.

Whatever time of the year it is, you should always prevent phishing emails from entering your inbox and going out of your servers. Here’s what you can do to finally say goodbye to these annoying, even dangerous emails.

 

Enable DKIM

 

DomainKeys Identified Mail, more commonly referred to as simply DKIM, is one of cPanel’s most powerful tools. Basically, it acts as an email authenticator, digitally signing the email claiming responsibility for the messages. In other words, it provides you with the chance to determine which emails are legitimate or possibly forged.

 

When you enable DKIM on your cPanel account, the tool will use information about the domain where the email came from. Through this piece of information, you can then confirm that the domain name’s legal owner really sent the message you received.

 

Enabling DKIM involves the creation and adding of a TXT to a DNS zone. Afterwards, a special code is included in…

Whatever time of the year it is, you should always prevent phishing emails from entering your inbox and going out of your servers. Here’s what you can do to finally say goodbye to these annoying, even dangerous emails.

 

Enable DKIM

 

DomainKeys Identified Mail, more commonly referred to as simply DKIM, is one of cPanel’s most powerful tools. Basically, it acts as an email authenticator, digitally signing the email claiming responsibility for the messages. In other words, it provides you with the chance to determine which emails are legitimate or possibly forged.

 

When you enable DKIM on your cPanel account, the tool will use information about the domain where the email came from. Through this piece of information, you can then confirm that the domain name’s legal owner really sent the message you received.

 

Enabling DKIM involves the creation and adding of a TXT to a DNS zone. Afterwards, a special code is included in the headers of all outgoing e-mails. Servers that receive these headers will compare it with the details set on the DNS zone. Matching data will lead to the email’s delivery.

 

Activate SPF

 

Another useful email system you can use with your cPanel account to check domain identities is the Sender Policy Framework, or SPF, as it is more commonly called. This spam fighter ensures that the domain matches with the IP address used to send the email from. Like DKIM, it helps reduce the number of forged emails that get into your inbox.

 

At its core, it is a TXT record part of a DNS zone file of a given domain. The TXT record is tasked to specify the host names and/or IP addresses of authorized senders. Upon placing the entry within the DNS zone, you do not have to do anything else just to benefit from the use of SPF-checking servers. SPF records are added through the same process as other regular records, such as A, CNAME, and MX.

 

Take Advantage of SpamAssassin

 

As for email utilities, one of your best options to counter spam is SpamAssassin. This program can help you considerably reduce the amount of useless, even potentially-dangerous mail through its filtering technology. It checks all incoming email and test them for any spam-like characteristics.

 

To screen all incoming emails, it utilizes Bayesian spam filtering as well as network testing. Once done, it produces an overall score. It then compares the overall score with a predefined score. If the message reaches this pre-set, the tool will not deliver the message to your inbox.

 

Get BoxTrapper

 

BoxTrapper is another email utility you should use to filter spam from your email accounts. It works through the use of the “challenge-response” verification system. Every time someone sends an email message to a BoxTrapper-activated cPanel account, the tool automatically notifies you with a verification email.

 

Always Verify the URL

 

Last, but not the least, is URL verification. It pays to always check the domain name of a website to ensure you really are in the website you intended to visit. For instance, you want to visit Google.com. Before you enter your login credentials, check the URL indicated in the browser to confirm that you are in Google.com. If not, then it only means one thing: you should not provide your login information.

 

Just follow these tips and you can already minimize phishing emails coming from other accounts and going out of your servers.