
G Suite Setup Essentials: Protecting your Domain from Spoofers


Spoofing is disguising a communication from an unknown source so that it appears to come from a known and valid source. Spoofers commonly target phone calls, emails, websites, IP addresses, Domain Name System (DNS) servers and the Address Resolution Protocol (ARP).

When you set up a G Suite free trial domain for your business, you can be using professional-level productivity tools in less than an hour. However, getting the most out of the tools requires getting the setup right in the first place. A core part of that is protecting your domain from spoofers. Read on to learn how to go about this.

Verify Your Domain

Domain verification proves that you own the domain and that you have technical access to it. The G Suite Setup Wizard helps you configure tasks such as:

  • Using mail clients such as Outlook
  • Email migration from old accounts
  • Spoof proofing your domain email

For the last point, if you are not an experienced mail server administrator, especially when trying out the G Suite free trial, do not spoof-proof using the SPF or DKIM settings. However, if you purchased the domain through a Google partner, chances are high that this was already done for you.

Using SPF Records

Spammers forge the From field to make it seem like emails are coming from your domain. To counter this, add a Sender Policy Framework (SPF) record at your domain host. The record enables email recipients to identify which email servers are allowed to send emails from your domain.

In short, the record informs the recipient's mail server that the message has come from your domain and is not spam.

When you send an email from your Gmail, the recipient's server checks whether the sending server matches the SPF record at your domain. If there is a mismatch, the message is marked as spam.

Using SPF with DKIM and DMARC

DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC), alongside SPF, can help spoof-proof your domain in the following ways:

  • SPF specifies the domains allowed to send messages
  • DKIM verifies authenticity of the message content
  • DMARC stipulates the course of action for suspicious incoming emails.
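
As an added example (not part of the original article and not Google's own tooling), the Python below audits the TXT records a domain publishes for SPF and DMARC and reports settings that leave it open to spoofing. The records for the placeholder domain example.com are constructed samples, and the function names are hypothetical.

```python
# Added example: audit published SPF and DMARC TXT records for weak settings.
# SAMPLE_TXT is constructed for the placeholder domain example.com; in practice
# the strings would come from a TXT lookup (for example `dig +short TXT`).
SAMPLE_TXT = {
    "example.com": ["v=spf1 include:_spf.google.com ?all"],
    "_dmarc.example.com": ["v=DMARC1; p=none; pct=50"],
}
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists")  # each costs a DNS lookup


def audit_spf(txt_records):
    """Return findings for the SPF policy among a domain's TXT records."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return ["no SPF record" if not spf else "multiple SPF records (permerror)"]
    findings, terms = [], [t.lower() for t in spf[0].split()[1:]]
    names = [t.lstrip("+-~?").split(":")[0].split("/")[0] for t in terms]
    if "all" not in names:
        if not any(t.startswith("redirect=") for t in terms):
            findings.append("no 'all' term: unlisted senders get a neutral result")
    else:
        term = terms[names.index("all")]
        qualifier = term[0] if term[0] in "+-~?" else "+"  # bare 'all' means '+all'
        if qualifier in "+?":
            findings.append(f"'{qualifier}all' does not fail unlisted senders")
    lookups = sum(n in LOOKUP_TERMS or n.startswith("redirect=") for n in names)
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms exceed the limit of 10")
    return findings


def audit_dmarc(txt_records):
    """Return findings for the DMARC policy published at _dmarc.<domain>."""
    dmarc = [r for r in txt_records if r.replace(" ", "").lower().startswith("v=dmarc1")]
    if not dmarc:
        return ["no DMARC record: receivers get no instruction for failing mail"]
    parts = (p.partition("=") for p in dmarc[0].split(";"))
    tags = {key.strip().lower(): value.strip() for key, _, value in parts}
    findings, policy = [], tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none: no action is requested for failing mail")
    elif policy not in ("quarantine", "reject"):
        findings.append("missing or invalid p= tag")
    if tags.get("pct", "100") != "100":
        findings.append(f"pct={tags['pct']}: policy covers only part of failing mail")
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports will arrive")
    return findings
```

Both functions return an empty list when nothing weak is found, so the result can gate a deployment check or feed a periodic report.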

Turn on Advanced Protection

The released beta versions of G Suite feature advanced protection settings. The controls allow you to:

  • Quarantine emails: This feature reroutes emails that match malware and phishing controls to a quarantine area for review. You can either move the emails to a pre-existing quarantine area, or create a new one.
  • Anomalous attachment protection: Displays a warning banner alongside emails with suspicious or unusual attachments. The system then sends them either to quarantine or to spam. The built-in algorithm analyses the common files your domain receives and models detection criteria based on that. However, different domains might have legitimate uses for uncommon file types, so exercise more control to prevent locking out legitimate business emails.
  • Identify unauthenticated emails that are potentially spoofing your domain, and display a warning banner alongside them or send them to quarantine. Spoofers use the same protocols that legitimate systems use to send mail. The messages are then sent out to your Google Groups, appearing as if they come from your domain.

Even on the G Suite free trial Beta versions, you are able to:

  • Turn Groups spoofing protection on or off
  • Turn on the setting to protect against spoofing based on domain name similarity
  • Turn on settings to protect against employee name spoofing
  • Turn on settings to protect against potential Business Email Compromise messages
  • Choose whether to keep emails in the inbox with a warning banner
  • Select whether to automatically send emails to the spam folder or quarantine
  • Select the groups to apply the settings to. These can be either individual private groups or all groups

The new interface allows you to easily see the settings you have applied, and the actions under each control.

Most people will immediately recognize a spam email the minute they see one. However, an email seemingly from your employee, boss or business partner wouldn’t look suspicious. The content may raise eyebrows, but if it is similar to your line of work, for example, a request to deliver goods and send money. Gmail and Outlook, under the G Suite free trial and paid package, have relatively strong anti-spoofing protection. You only have to know how to turn the protection features on.