Prevent spam/phishing/illegitimate email traffic on your (dormant/parked) domain
Protecting domains that do not send emails can be achieved by implementing specific types of DNS TXT records.
we use 3 TXT DNS records to kill the possible usage of our domain for spoofing/spam/etc…
- Sender Policy Framework (SPF)
- DomainKeys Identified Mail (DKIM)
- Domain-based Message Authentication, Reporting and Conformance (DMARC)
;; TXT Records _dmarc.cln.io. 1 IN TXT "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;" *._domainkey.cln.io. 1 IN TXT "v=DKIM1; p=" cln.io. 1 IN TXT "v=spf1 -all"
Type | Name | Content | TTL |
TXT | cln.io | v=spf1 -all | Auto/Default |
TXT | *._domainkey | v=DKIM1; p= | Auto/Default |
TXT | _dmarc | v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; | Auto/Default |