By Carl Brown, President, GettingGreatRates.com

wenty-five thousand in my inbox. All but 25 of at the company that hosts your Web site. Tell them you them had subject lines like, “Sending Failure” and were spoofed, or you want to prevent spoofing “Message Rejected.” I was spoofed. It was awful. But T O(hopefully the latter). my story might help you avoid being spoofed, too. Under the guidance of tech support, go to your Web December 17, 2015: Four hundred failure O site settings page. messages. “Hmm,” I thought. I should have thought deeper! Open the “DNS Zone File” page and set the “TXT December 18: Four thousand failure messages. I won’t Record” value, which exerts control over email, so say what I thought. that email with your address on it will only be December 19: Twenty-five thousand failure messages, claimed as yours if it actually came from your host’s give or take a few thousand. What WAS I thinking? server. The thing that does this is called a “SPF Record.” The SPF Record tells other people’s email Email spoofing is the creation of email servers that if they get an email with your address on messages with a forged sender address. it but it came from any other server, REJECT IT. – Wikipedia Now, you can actually set the SPF Record so that it will allow your email to be sent from other specified servers, too, (Spoofing is done to send out junk but that is way above my pay-grade. e-mail, e-mail or just to be Spoof and spam prevention – related – are really the way malicious. – The Author) to Igo: Protect your usernames and passwords, make them complicated and change them often – old but excellent Finally, I took action. I killed my , my Oadvice. identity for the last ten years – ouch. Later on I discovered Do you have too many usernames and passwords to killing an email address won’t stop spoofing. Thus, began remember? Record them. But don’t put them on my research into spoofing. Amazingly, there is not much your Web-accessible computer or other device! If guidance out there. This is what I picked up. IYou prevent and stop spoofing by doing the same things: If you use Gmail, Hotmail or another on-line service, Spoofers are like a pack of hyenas. they should already have spoof prevention in place but When they sense injury they all jump don’t just assume they do. Call tech support of the host on. Soon after that, those who received of the server that carries your email to make sure that the next bullet point measure has been activated for spam and phishing e-mails under your I your email account. name start to call and e-mail YOU. And If your city or district has a Web site and you run email you learn some new bad words. through that site, you are vulnerable. Call tech support

70 July 2016 THE KANSAS LIFELINE Domain Name System (DNS) File is a text fuzzy things. Sure, it’s not user-friendly but it’s O effective. Or, file that describes a DNS zone. The zone On your contact page, tell readers how to build file contains mappings between domain email addresses from a list of names and addresses names and IP addresses and other O you give them. And/or, List a “disposable” email address like resources, organized in the form of text [email protected]. Whoever receives these representations of resource records messages then forwards each to the proper staff for (RR). – Wikipedia handling. When you start getting too much spam at the disposable address, just delete it and start a new I one. someone gets in or steals the machine, game over! If When you set up an online account and they offer two- you don’t have many passwords, write them down stage verification, take it! Two stage is a login process and hide the list well in two separate places – your where you enter your username and password. The site office or home and a safe deposit box or maybe at then sends a text message to your cell phone with a your Mom’s house. If you code. You enter the code into an have a lot, put them on two box and you are in. To flash drives and hide those TXT (Text) Record is a type get into your account a thief would in two places, one nearby, of resource record in the have to steal your username, and one at Mom’s house. password and your phone. Please Continuously update the Domain Name System (DNS) don’t say you put all that information one that you keep handy used to provide the ability to in Iyour phone! and periodically change it associate some arbitrary and Install a SSL Certificate on your out with the one at Mom’s Web site. This encrypts contact house. (Morose, but unformatted text with a host between your site and others important, that flash drive or other name. – Wikipedia who visit your site, making it is going to come in handy much harder for someone to for your loved ones when hack your visitors’ information. O you die.) If you (still?) trust the Web, use one of those online Secure Sockets Layer (SSL) Certificate password lockbox services. I, for one, do NOT put creates an encrypted connection the keys to my life on the Web. I hide them in a safe, between your web server and your I physical place. Be careful about email addresses on your Web site. visitors' web browser allowing for Spammers, spoofers and “bots” can find them there private information to be transmitted Oand abuse them. Do this: Hide email addresses behind a contact page that has without the problems of , an authentication feature. You know, a page with a data tampering, or message forgery. fuzzy picture of numbers or a word that you type – SSL Shopper into a box to gain access. Bots can’t (yet) read those

Sender Policy Framework (SPF) Record Back in the day the Internet and email were wonderful, is a type of Domain Name Service care-free tools. Spammers, spoofers and other crooks killed (DNS) record that identifies which mail that. But if you will practice some defensive moves, you can servers are permitted to send email on still get a lot done on the ‘net. We sure do.

behalf of your domain. The purpose of Carl Brown is President of an SPF record is to prevent spammers GettingGreatRates.com, which specializes in water, sewer and other utility rate analysis and from sending messages with forged tools. The firm also serves as the RATES Program “From” addresses at your domain. rate analyst for the Kansas, New Mexico, North Dakota, Virginia and Wyoming rural water – Google associations. Contact: (573) 619-3411; [email protected]

July 2016 71 THE KANSAS LIFELINE