Via programming, it is possible for a third party to send messages to your contacts pretending to be you. Indeed, the code allowing to send messages gives the possibility of including a sender and a receiver. Unfortunately, nothing prevents any developer from using your email. In this article, we will see how to configure a domain name to avoid its fraudulent use. It is important to note that this only applies if you have a custom domain name. In other words, this method does not apply to personal email addresses such as gmail.com or yahoo.com… Regarding your personal email offered by an external company, refer to their recommendation.
How to restrict the use of your email address by hackers?
Below are the steps to follow.
1 – Generate the SPF data ( Sender Policy Framework[en anglais] ) for your domain name
The SPF record is a method you can use to inform mail servers that a specific mail server is authorized to send mail from your domain name. In other words, it is a means of control for any company wishing to limit abuse. To generate the SPF data, you can either use the recommendations available through your server or do it manually.
2- Add the SPF data in the configuration of your domain name
Here are the steps to follow:
- Connect to the site where you manage your domain name. (DNS information of your domain name). You can make the changes on the domain name provider site. In some (cases), if you manage your domain configuration on your web server, changes can also be made there.
- Navigate to your domain name’s DNS.
- In the options list, you need to create a TXT record to add the previously created SPF configuration
- Save your recordings
If you are working with a developer, you can experiment by simulating sending email through a third-party server. Therefor, you may be able to judge whether the configuration worked or not.