You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: files/en-us/web/security/attacks/phishing/index.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,7 +31,7 @@ One thing that makes phishing challenging for a website to defend against is tha
31
31
Phishing emails often forge the sender address, to make the victim think that the email really came from the target website. Three {{glossary("DNS")}} records help email servers detect these forgeries, which helps ensure that phishing emails are marked as spam in the victim's email client, or are blocked entirely.
32
32
33
33
- The [Security Policy Framework (SPF)](https://www.cloudflare.com/en-ca/learning/dns/dns-records/dns-spf-record/) record lists addresses that are allowed to send an email from the domain. A receiving email server extracts the domain name from the email's `Return-Path` header, and looks up the SPF record associated with that domain.
34
-
- The [DomainKeys Identified Mail (DKIM)](https://www.cloudflare.com/en-ca/learning/dns/dns-records/dns-dkim-record/) record enables the sender to {{glossary("digital signature", "digitally sign")}} emails. The receiving server extracts the domain name from the signature, and uses it to look up looks up the DKIM record associated with that domain. The DKIM record includes the public key used to verify the signature. The domain name in the signature must also be aligned with the domain name in the email's `From` header (this essentially means that the domain names must match or the value in the `From` header must be a subdomain of the domain in the signature).
34
+
- The [DomainKeys Identified Mail (DKIM)](https://www.cloudflare.com/en-ca/learning/dns/dns-records/dns-dkim-record/) record enables the sender to {{glossary("digital signature", "digitally sign")}} emails. The receiving server extracts the domain name from the signature, and uses it to look up the DKIM record associated with that domain. The DKIM record includes the public key used to verify the signature. The domain name in the signature must also be aligned with the domain name in the email's `From` header (this essentially means that the domain names must match or the value in the `From` header must be a subdomain of the domain in the signature).
35
35
- The [Domain-based Message Authentication Reporting and Conformance (DMARC)](https://www.cloudflare.com/en-ca/learning/dns/dns-records/dns-dmarc-record/) tells the recipient how to handle SPF and DKIM failures: whether to quarantine them as spam, reject them, or allow them.
36
36
37
37
You should set these DNS records for your domains, to help email servers recognize forged messages.
0 commit comments