Sunday, August 19

Stop spammers from using your Google Apps domain

Lately I've been getting a lot of return mail from accounts that were sent mail from spammers using my domain.  It's annoying and somewhat frustrating, especially if it is your business domain because you run the risk of being blacklisted.  Here are a couple of simple ways you can prevent this on a standard Google Apps account using Enom for domain registration.

Sender Policy Framework - This is an open standard that lets a domain publish which servers are allowed to send mail on its behalf, so that a receiving server can validate incoming messages against that list.  This can be set up fairly simply in your admin control panel.  To do this:

  1. Go to your domain control panel and click on "Domain Settings" and then on the "Domain names" tab.  From here, click on the "Advanced DNS Settings" which will give you a login to the domain settings with Enom.  
  2. Under "Host Records", click the Edit button and add a new TXT record with the following values:
    1. Host Name: @
    2. Address: v=spf1 include:_spf.google.com ~all
    3. Record Type: TXT
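This publishes the list of servers that are authorized to send mail for your domain.  The ~all at the end marks mail from any other server as a soft fail, which receiving servers usually accept but treat as suspicious; ending the record with -all instead asks them to reject it.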
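
To check what a record like the one above tells receiving servers before you publish it, here is a small linter. It is an added example, not part of the original post or any Google or Enom tool; the function names `parse_spf` and `lint_spf` are chosen here, and it checks syntax only without doing any DNS lookups.

```python
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}


def parse_spf(record):
    """Split an SPF record into (result, name, value) terms."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("SPF record must start with v=spf1")
    parsed = []
    for term in terms[1:]:
        if "=" in term.split(":", 1)[0]:  # modifier, e.g. redirect=...
            name, value = term.split("=", 1)
            parsed.append(("modifier", name.lower(), value))
            continue
        qualifier = "+"  # a mechanism with no prefix means "+" (pass)
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.split("/", 1)[0].lower()  # drop a CIDR suffix on a/mx
        if name not in MECHANISMS:
            raise ValueError("unknown mechanism: " + term)
        parsed.append((QUALIFIERS[qualifier], name, value))
    return parsed


def lint_spf(record):
    """Return (result for senders that match nothing, list of warnings)."""
    terms = parse_spf(record)
    warnings, default = [], None
    for i, (result, name, _) in enumerate(terms):
        if name == "all" and result != "modifier":
            default = result
            if any(r != "modifier" for r, _, _ in terms[i + 1:]):
                warnings.append("mechanisms after 'all' are never evaluated")
            break
    has_redirect = any(r == "modifier" and n == "redirect" for r, n, _ in terms)
    if default is None and not has_redirect:  # with redirect= it stays None
        default = "neutral"
        warnings.append("no 'all' mechanism: unlisted senders get neutral")
    if default == "pass":
        warnings.append("+all authorizes every server to send as this domain")
    if default == "softfail":
        warnings.append("~all is a soft fail; use -all to request rejection")
    return default, warnings


if __name__ == "__main__":
    print(lint_spf("v=spf1 include:_spf.google.com ~all"))  # record from the steps above
```
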

DomainKeys Identified Mail - This adds a signature to the email headers that allows a domain name to be associated with an email message.  It prevents spammers from forging the source address of their messages, which allows other spam filtering to be more effective.  To implement this with your apps domain, go to the domain control panel and click on "Advanced tools".  At or near the bottom is a heading called "Authenticate email" with a link to a DKIM setup.  This is a fairly simple automated setup, or you can set it up manually if you know what you are doing.