How to prevent Spoofing of my email?


Spoofing is the act of disguising an email so that it appears to be from someone other than the sender. This can be done for various reasons, such as to trick the recipient into giving out sensitive information or to spread malware or other malicious content. To prevent spoofing of your email, there are several steps you can take:

  1. Use a strong and unique password for your email account. Avoid using the same password for multiple accounts, and make sure it is not easily guessable.
  2. Enable two-factor authentication (2FA) for your email account. This adds an extra layer of security, requiring you to enter a code sent to your phone or another device in addition to your password when logging in to your email.
  3. Be cautious when clicking links in emails, especially if the email is from an unknown sender or if it seems suspicious. Hover over the link to see the full URL before clicking on it, and avoid clicking on links that look suspicious or too good to be true.
  4. Use a reputable security suite to protect your computer and other devices from malware and other threats. This can help to prevent malicious software from being installed on your device, which could be used to steal your login information or to send spoofed emails from your account.
  5. If you receive an email that appears to be from someone you know but seems suspicious or out of character, contact the person directly to verify that they actually sent the email. This is especially important if the email contains a request for sensitive information or a request to click on a link.
  6. If you notice any suspicious activity on your email account, such as messages being sent that you did not write, contact your email provider immediately to report the issue and to request assistance in securing your account.
  7. Consider using an email provider that offers enhanced security features, such as advanced spam filtering, to help protect your account from spoofing and other threats.

By taking these steps, you can help to protect your email account from being spoofed and reduce the risk of falling victim to scams or other malicious attacks. It is important to be vigilant and cautious when using email, and to take steps to secure your account to prevent others from gaining access to it.

DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance, is an email authentication protocol that helps to protect against spoofing by verifying the sender of an email. It works by using two other email authentication protocols, SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), to determine whether an incoming email is legitimate.

When an email is sent, DMARC checks the domain in the “from” field against the domain listed in the SPF and DKIM records for the sender. If the domains match and the email passes both SPF and DKIM checks, it is considered to be legitimate and is delivered to the recipient’s inbox. If the domains do not match or the email fails one or both of the authentication checks, it is considered to be a spoofed email and is either blocked or sent to the recipient’s spam folder.

By implementing DMARC, organizations can help to prevent their domain from being used in spoofed emails and protect their brand and reputation. It also allows them to receive reports on any failed authentication attempts, which can be used to identify potential security threats and take appropriate action. Overall, DMARC is an important tool for protecting against email spoofing and improving the security of email communications.

What are the benefits of buying a domain name that has been recently expiring from the market?


There are several potential benefits to buying a domain name that has recently expired from the market:

  1. Established history: An expired domain may have already had an established history, which can include backlinks, indexed pages, and even search engine rankings. This can provide a head start in terms of SEO and give you a better chance of ranking well in search results.
  2. Brand recognition: An expired domain may already have some brand recognition, which can be beneficial if you are planning to launch a similar business or website. This could save you time and money in building brand awareness.
  3. Traffic: An expired domain may already have some traffic, which can be beneficial if you are planning to launch a similar business or website. This could save you time and money in building traffic.
  4. Age: An expired domain may be older than a newly registered one, and search engines tend to favor older domains over newer ones. This can help your website to rank better in search results.
  5. Cost: An expired domain may be cheaper than buying a new one, especially if the domain has a high value, such as a good keyword or a high search volume.

It’s worth noting that there is also a risk when buying expired domains, as some of them may have been used for spamming, black hat SEO or other illegal activities that can penalize your site. It’s recommended to check the domain history and be sure that the domain wasn’t used for any illegal activities before buying it.

What to do to make your email safe?


There are several steps you can take to make your email safer:

  1. Use a secure email service: Choose an email service that uses secure communication protocols, such as Transport Layer Security (TLS), to encrypt your email communication.
  2. Use strong passwords: Use strong, unique passwords for your email account and do not share them with anyone. Consider using a password manager to help you generate and manage strong passwords.
  3. Enable two-factor authentication: Two-factor authentication adds an additional layer of security to your email account by requiring you to provide a second form of authentication, such as a code sent to your phone, in addition to your password.
  4. Be cautious with links and attachments: Do not click on links or download attachments from unknown sources, as these could contain malware or lead to phishing attacks.
  5. Use email authentication protocols: Implement email authentication protocols, such as DMARC, DKIM, and SPF, to help protect against spam, phishing, and spoofing.
  6. Keep your software and devices up to date: Make sure to keep your email client software and devices up to date with the latest security patches and updates.

By following these steps, you can help to improve the security of your email and protect yourself against various types of threats.

DMARC, DKIM and SPF explained

DMARC, DKIM, and SPF are all email authentication protocols that help to protect against various types of threats on the internet, including spam, phishing, and spoofing. Here is a brief overview of each protocol and why you should consider implementing them:

  1. DMARC (Domain-based Message Authentication, Reporting, and Conformance): DMARC is an email authentication protocol that helps to protect against spam and phishing attacks by verifying that messages are sent from an authorized domain. By implementing DMARC, you can help to ensure that only messages sent from authorized domains are delivered to your users, and you can also receive reports on any messages that fail DMARC evaluation.
  2. DKIM (DomainKeys Identified Mail): DKIM is an email authentication protocol that uses digital signatures to verify the authenticity and integrity of messages. By implementing DKIM, you can help to ensure that your messages are not modified during transit and that they are sent from an authorized domain.
  3. SPF (Sender Policy Framework): SPF is an email authentication protocol that helps to prevent spoofing by verifying that messages are sent from an authorized IP address. By implementing SPF, you can help to ensure that only messages sent from authorized IP addresses are delivered to your users.

To implement these protocols, you will need to modify the DNS records for your domain and configure your email server to use them. You may also need to work with your email provider or IT department to ensure that the protocols are properly implemented.

Overall, implementing DMARC, DKIM, and SPF can help to improve the security of your email communication and protect your domain and email against various types of threats.

What are the best tools to check the domain name history in the past if you want to buy a domain name?


Before buying a new domain name, it’s important to check its history to ensure that it has not been used for any malicious or illegal activities. Here are some of the best tools to check domain history:

  1. WHOIS Lookup: WHOIS is a publicly available database that contains information about domain ownership and registration. You can use a WHOIS lookup tool such as whois.com to see the current and past owners of a domain, as well as its registration and expiration date.
  2. Wayback Machine: The Wayback Machine is a digital archive of the internet that allows you to view the history of a website. You can use the Wayback Machine to see how a website looked in the past and check for any previous content that may be inappropriate.
  3. Google Search: You can use Google Search to find information about a domain’s history. Simply search for the domain name and look for any articles, blog posts, or other content that may mention the domain.
  4. DomainTools: DomainTools is a comprehensive tool that provides information on domain names, including WHOIS data, historical data, and IP information. It allows you to check the domain’s history, such as the past ownership, DNS records, and historical DNS data.
  5. Archive.org: Similar to the Wayback Machine, Archive.org allows you to view the history of a website by taking snapshots of the website over time. You can use it to check the domain’s history and see how it has changed over time.

It’s important to note that these tools can provide useful information, but they may not have a complete history of the domain name, so it’s good to use multiple tools to check the domain history.

What is DKIM?


DKIM, or DomainKeys Identified Mail, is a security measure that is used to verify the authenticity of an email and protect against spam, phishing, and other types of email fraud. In this blog post, we will explore what DKIM is, how it works, and why it is important for protecting your email system and your online reputation.

What is DKIM?

DKIM is an email authentication method that allows the person or organization sending an email to associate a digital signature with the email. The signature is created using a private key and is attached to the email in the form of a DKIM-Signature header. The signature is then verified by the recipient’s email server using a public key that is stored in a DKIM record in the domain’s DNS.

How does DKIM work?

When an email is sent, the sender’s mail server adds a DKIM-Signature header to the email that includes the digital signature. The header also includes information about the domain, the selector (a unique string that is used to identify the key pair), and the algorithm that was used to create the signature.

When the email is received, the recipient’s email server retrieves the public key from the sender’s DKIM record in the DNS and uses it to verify the signature. If the signature is valid, it means that the email has not been tampered with during transit and can be trusted. If the signature is invalid, it means that the email may have been altered or forged and may not be trustworthy.

Why is DKIM important?

DKIM is important for a few reasons:

  1. It helps protect against spam and phishing attacks: Spammers and phishers often try to send email from fake domains or domains that they don’t have permission to use. By implementing DKIM, you can ensure that only emails that have been signed with your domain’s private key are trusted, which can help to reduce the risk of spam and phishing attacks.
  2. It helps protect your online reputation: When emails sent from your domain are flagged as spam or rejected, it can harm your online reputation. This can lead to decreased deliverability rates and make it more difficult for you to reach your intended audience. By implementing DKIM, you can help to ensure that legitimate emails from your domain are not flagged as spam, which can help to protect your online reputation.
  3. It can improve email deliverability: In addition to protecting your online reputation, DKIM can also help to improve the deliverability of your emails. When you have DKIM implemented, email servers are more likely to trust emails from your domain, which can help to improve the chances that your emails will reach their intended recipients.

How do I set up DKIM?

Setting up DKIM involves the following steps:

  1. Generate a private/public key pair. This can be done using a tool such as OpenSSL.
  2. Publish the public key in your domain’s DNS as a TXT record. The record should include the following information:
  • The domain name (e.g. example.com)
  • The selector (a unique string that is used to identify the key pair)
  • The public key
  1. Configure your mail server to sign outgoing emails with the private key. This can typically be done through the server’s administrative panel or by modifying the server’s configuration files.
  2. Test the implementation to ensure that the signatures are being added to outgoing emails and that they are being verified by recipient servers.

In conclusion, DKIM is an important security measure that helps to protect against spam, phishing, and other types of email fraud.

Why SPF records are important in email security


SPF records are an important aspect of email security and are used to prevent spam and phishing attacks. In this blog post, we will explore what SPF records are, how they work, and why they are essential for protecting your email system and your online reputation.

What are SPF records?

SPF records, or Sender Policy Framework records, are DNS records that identify which mail servers are authorized to send email on behalf of a domain. These records are used by email servers to verify the authenticity of the sender’s domain and ensure that the email is not a spam or phishing attempt.

How do SPF records work?

When an email is sent, the recipient’s email server checks the sender’s SPF record to determine if the server that sent the email is authorized to do so. The SPF record includes a list of IP addresses and domain names that are allowed to send email on behalf of the domain. If the sending server’s IP address is not on the list, the email may be flagged as spam or rejected entirely.

For example, if you own the domain example.com and you have an SPF record that lists the IP address of your mail server as authorized to send email on behalf of your domain, any email sent from that server will pass the SPF check. However, if an email is sent from a server with a different IP address, the SPF check will fail and the email may be flagged as spam or rejected.

Why are SPF records important?

SPF records are important for a few reasons:

  1. They help protect against spam and phishing attacks: Spammers and phishers often try to send email from fake domains or domains that they don’t have permission to use. By implementing an SPF record, you can ensure that only authorized servers are able to send email on behalf of your domain, which can help to reduce the risk of spam and phishing attacks.
  2. They help protect your online reputation: When emails sent from your domain are flagged as spam or rejected, it can harm your online reputation. This can lead to decreased deliverability rates and make it more difficult for you to reach your intended audience. By implementing an SPF record, you can help to ensure that legitimate emails from your domain are not flagged as spam, which can help to protect your online reputation.
  3. They can improve email deliverability: In addition to protecting your online reputation, SPF records can also help to improve the deliverability of your emails. When you have an SPF record in place, email servers are more likely to trust emails from your domain, which can help to improve the chances that your emails will reach their intended recipients.

How do I set up an SPF record?

Setting up an SPF record is relatively simple and can be done in a few steps:

  1. Identify the servers that are authorized to send email on behalf of your domain. This can include your own mail servers, as well as any third-party servers that you use (such as a marketing automation platform).
  2. Create a list of the IP addresses and domains that are authorized to send email on behalf of your domain.
  3. Create an SPF record using the list of authorized servers. The record should include the following information:
  • The domain name (e.g. example.com)
  • The SPF record type (e.g. TXT)
  • The SPF record value (e.g. v=spf1 a mx ip4:1.2.3.4 include:thirdpartyserver.com -all)
  1. Publish the SPF record

Why you should have a Dmarc record in the DNS of your domainname


Domain-based Message Authentication, Reporting & Conformance (DMARC) is a security protocol that helps protect email senders and recipients from spam and phishing attacks. It works by verifying that an email message is legitimate and actually sent from the domain it claims to be sent from. If an email fails DMARC evaluation, it can be flagged as suspicious or rejected outright.

As the prevalence of email phishing attacks continues to grow, it is more important than ever for businesses and organizations to implement DMARC in their domain names. Here are just a few reasons why DMARC is so important:

  1. Protect your brand reputation

Phishing attacks can damage your brand reputation in a number of ways. For example, if a customer receives a fake email claiming to be from your company and falls for the scam, they may lose trust in your business and be less likely to do business with you in the future. Additionally, if your brand is associated with phishing attacks, it can damage your reputation and lead to decreased customer trust. Implementing DMARC can help protect your brand reputation by reducing the likelihood of phishing attacks using your domain.

  1. Reduce spam and phishing in your inbox

DMARC helps to reduce spam and phishing emails in your inbox by allowing you to set policies for how to handle messages that fail DMARC evaluation. For example, you can choose to reject or quarantine these messages, helping to keep your inbox clean and free of potentially malicious content.

  1. Improve email deliverability

In addition to protecting your brand reputation and reducing spam and phishing in your inbox, implementing DMARC can also improve your email deliverability. When your emails pass DMARC evaluation, they are more likely to be delivered to the recipient’s inbox, rather than being flagged as spam or rejected altogether. This can be particularly important for businesses that rely on email marketing or use email as a primary form of communication with customers.

  1. Increase security for your customers

By implementing DMARC, you can help protect your customers from phishing attacks and other malicious activity. This can not only improve customer trust in your business, but it can also reduce the likelihood of your customers falling victim to a phishing attack.

So, how do you implement DMARC in your domain name? First, you will need to publish a DMARC record in your domain’s DNS. This record specifies the policies for handling messages that fail DMARC evaluation, as well as where to send reports on messages that pass or fail DMARC evaluation.

Next, you will need to set up SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) for your domain. SPF is a protocol that helps verify that an email was actually sent by the domain it claims to be sent from, while DKIM uses a digital signature to verify the authenticity of an email. Both of these protocols are used by DMARC to determine whether or not an email message is legitimate.

Once you have set up SPF and DKIM, you can then monitor your DMARC reports to ensure that your email messages are passing DMARC evaluation. You can use tools like Google’s DMARC Analyzer to help you monitor and analyze your DMARC reports.

In conclusion, implementing DMARC in your domain name is crucial for protecting your brand reputation, reducing spam and phishing in your inbox, improving email deliverability, and increasing security for your customers. By taking the time to set up DMARC, SPF, and DKIM, you can help ensure that your emails are legitimate and protect your business and customers from phishing attacks.

Domain Opportunities for Agencies



dot-agency

With the new gTLD program maturing after the introduction of around 1000 new possible extensions besides .com I think it is good to look at some opportunities that are especially interesting for Agencies. When I say Agencies I mean webdesigners, webdevelopers, marketing agencies, media bureaus, advertising agencies, e-commerce companies etc etc.

In the new gTLD space are so many good ideas for domain names or company names still available, especially for Agencies. What to think of these new gTLDs:

  • .design
  • .media
  • .marketing
  • .agency
  • .sale
  • .website
  • .shop
  • .site
  • .online

And these are just a few options for these specific organisations. For many vertical markets there are a lot of different other options.

With an Openprovider membership starting at € 49,00 you can buy them for registry costprice. See https://lp.openprovider.com/ntld-plan-xs-size for more details.

 

Does a .bank domain improve the security for banks?


 

Short answer: Yes

Banks are constantly fighting a battle against internet criminals. It is tough for them to do that, especially since law enforcement is not yet sufficiently equipped to help them. Security is a big issue for banks coming at high costs.

But there is a relatively simple opportunity for banks to prevent phishing and that is switching to a .bank domain. It is impossible for criminals to register a .bank domain. So instead of banks educating the public on what is left of the dot it is much easier to educate the public that if the domain name is not a .bank then it is not a bank.

The process of registering a .bank domain is quite difficult and that is a good thing. The requirements are very strict and therefor registering a .bank domain is more a project than a domain registration process. But only banks can register a .bank domain. Nobody else! That means that you have a 100% guarantee that a .bank domain belongs to a bank.

Basically it boils down to the following project that a bank has to start:

  • Prepare the proof that you are a bank and that the people involved in the domain registration process are authorised to do so.
  • Prepare a migration plan from your current domain and website to a .bank domain and website
  • Setup your nameservers in the .bank zone with all requirements like DNSSEC, DMARC etc
  • Arrange a high end SSL certificate
  • Prepare a migration plan for moving your email infrastructure to a .bank domain
  • Prepare a marketing plan to educate your customers to only trust your bank when a .bank domain is used.

Will it stop phishing? No, criminals will still try. But at a relatively low budget it is so much easier to prevent phishers to be successful and that should be enough reason for all banks to move their websites and email to a .bank domain. There is basically no excuse given the huge amount of daily phishing attempts.

Openprovider has a lot of experience with .bank domains and is a top10 registrar of .bank domains.

Trust


Trust is a strange thing. How does it work? Why do people trust you or don’t trust you or your company? In my 23 years as an entrepreneur I have always found it very hard to relate to why some people trust us and some not.

Being honest, straightforward and reliable does not necessarily build trust is my experience. They seem to build trust when you are becoming a bigger company. All of a sudden people start to trust you, just because you have a certain size. Also in my experience people do not necessarily like it when you are honest. I always have the feeling that people who are about 80% of the “truth and nothing but the truth” are more trusted than people who tell the 100% truth.

One of my closest friends called me “dumb honest” at some point in my life and he was probably right. I used to be very open and very critical about others, myself and my company. And I had to find out that that does not really let people trust me more. Maybe they liked (or disliked) me more but not necessarily trust me more.

So how does trust work then? I have still no real idea but probably the fact that after 23 years (of which 20 in internet related business) we still have a business that grows faster than most is one of the main drivers for trust. Staying in the game all these years seems to build trust.

What in my opinion should be more important are the 4 principles our business is build on:

  1. A business model that is aggressive and different than our competitors.
  2. Constant innovation in technology (and our business models).
  3. High quality support (everybody says that, but ‘trust’ me it is true).
  4. People first.

When we changed our business model to memberships and started to sell domains and ssl at cost price I got a lot of questions like: “how do you make money?” , “how can we trust that you are still there tomorrow?” etc etc. Tough questions with quite simple answers.

ADD VALUE, BE DIFFERENT

If you don’t add value to a product or service the margins will go to zero. This is happening in the domain registrar world and any other commoditizing industry. Charging a fee for the platform and not for the product is much more sustainable. Combined with investing in constant innovation, 60% of our people are in software development, creates a long-term advantage. It is all about adding value. And we have build a superior set of tools that really add value.

IT DOESN’T MATTER WHERE YOU ARE, IT MATTERS WHERE YOU WANT TO GO

We were small when we started the membership model. Most memberships are from new customers. Meaning from business we did not have before. So we made more profit from the first year we changed and we grew much faster than before. We did not focus on what we had, but decided to go for the huge market that was out there to get.

SUPPORT is PROFIT not COSTS

Many companies treat their support team as a cost center. We treat support as a profit center. That different mindset is one of the reasons why we can grow so fast because it apparently builds trust.

TO GOOD TO BE TRUE?

People think that when something is cheap, probably the service is crap. And in many cases that is true. We are not cheap at all. We charge good money for a great product and give highly rated support on top of that. There are not many Cloud companies that can charge 10.000 euro per year for an administrative backend like ours. The fact that you pay much more than that by paying 30 cents or even several dollars on top of a domain registration is very expensive. Basically we are not cheap but our competitors are too expensive.

PEOPLE FIRST

One of the things I like most about our business is that we really have started to put our people first. It is a quite well known principle and we did not treat our people bad at all in the past. But nowadays we really focus on people stress and happiness and try to solve the issues where people have simply too much work, do too many routine tasks, or do things that can simply be automated. Most of our projects are related to solving internal bottlenecks. And the cool thing is that by solving these internal bottlenecks the customers benefit as well. Our people can take better care of them because the work that we do is more fun and has more purpose. And the challenge of solving stuff that is bothering your colleagues is really cool!