Sécuriser l’acheminement du courrier

ToPour ~~secure~~sécuriser ~~your~~votre ~~mail~~serveur ~~server~~de ~~and~~messagerie ~~the~~et ~~delivery~~l’envoi ofde ~~your~~vos e-mails, wenous ~~recommend~~vous ~~that~~recommandons ~~you~~d’utiliser ~~use~~les ~~the~~trois ~~following~~protocoles ~~three~~suivants ~~protocols:~~:

SPF

~~The~~Le Sender Policy Framework (SPF) ~~allows~~permet tode ~~declare~~déclarer ~~your~~votre ~~mail~~serveur ~~server~~de asmessagerie ~~authorized~~comme toétant ~~originate~~autorisé ~~mail~~à ~~for~~émettre ~~your~~du ~~domain(~~courrier pour votre (vos) domaine(s).

ToPour ~~configure~~le ~~it,~~configurer, ~~you~~vous ~~have~~n’avez toqu’un ~~add~~seul aenregistrement ~~single~~DNS ~~dns~~à ~~record:~~ajouter :

Type: TXT
Host: @ (depending of your DNS provider, it can be your domain name example.com, a blank string, a @, etc.)
Value: v=spf1 include:_spf.hosterra.tech ~all

DKIM

DomainKeys Identified Mail (DKIM) is an e-mail authentication method designed to combat mail spoofing.

To configure it, you have to add two dns records. To get these two specific records, just access the Plesk interface of your server, then:

click, in the left side menu, on Mail;
click the Mail Settings tab;
check the Use DKIM spam protection system[…] at the bottom of the page;
get the 2 dns records to add by clicking on How to configure external DNS.

DMARC

Once SPF and DKIM are configured and operational, you can set Domain-based Message Authentication, Reporting and Conformance (DMARC), a standard email authentication protocol by just adding one more dns record:

Type: TXT
Host: @_dmarc
Value: v=DMARC1; p=reject; pct=100

If you configure DMARC before configuring AND validating SPF and DKIM, you will be unable to correctly send emails from your server.

Testing you configuration

To test your SPF + DKIM + DMARC configuration, you can uses tools like: