Positive Identity for HCL Domino 

Email Authentication Standards for HCL Domino. 

SPF, DKIM, and DMARC Identity Checks on Domino (really). We know people needed this 10 years ago... 

Email Authentication Standards

1. DKIM and Sender-ID

Checks to see if the author of the email is who they claim to be

2. SPF

Checks to see if the server is allowed to send messages on behalf of the author

3. DMARC

Allows or denies delivery based on policies

What is SPF, DKIM and DMARC?

SPF

SPF (Sender Policy Framework) is an email authentication method designed to detect forged sender addresses during the delivery of the email. SPF detects a forged sender claim in the envelope of the email. Checking the FROM against SPF can be used to detect the forging of the visible sender in emails (i.e. email spoofing), a technique often used in phishing and email spam. 

DKIM

DKIM allows the receiver to check that an email claiming to have come from a specific domain was indeed authorized by the owner of that domain. It achieves this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can verify this by looking up the sender's public key published in the DNS. A valid signature also guarantees that some parts of the email have not been modified since the signature was affixed.

DMARC

DMARC extends two existing email authentication mechanisms, Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It allows the administrative owner of a domain to publish a policy in their DNS records to specify which mechanism (DKIM, SPF or both) is employed when sending email from that domain; how to check the From: field presented to end users; and how the receiver should deal with failures.

Spoof Proof Your Domino Servers

Spoofed messages are an everyday threat to organizations worldwide. Positive Identity performs identity checks to stop the most popular kind of email spoofing: internal email spoofing. Messages that purport to come from your own domain but are really external are quickly stopped with Positive Identity. Even if they are not blocked as spam, Positive Identity detects sender spoofing using SPF, DKIM, and DMARC and quarantines these messages.

Samples of Internal Email Spoofing

CEO, asking for an urgent wire transfer
IT telling you to install an "update"
IT saying your mailbox is full
Help Desk saying you need to update your password 

Case Study: CEO Internal Email Spoofing

This is one of the most common and successful attacks: the CEO request for a wire transfer. Most of these are for less than $50,000 USD. That's because 50k and under doesn't normally need two signatures. This attack needs the victim to act quickly, before it is discovered as a scam.


© Copyright 2021 Maysoft - All Rights Reserved