undefined | Better HN

0 pointsaepiepaey7y ago0 comments

Just to make it clear, is this true if you use your own domain, or just if you use any of Fastmail's domains?

0 comments

Seems to be just Fastmail domains but there might be some setup involved for custom domains. See their docs

https://www.fastmail.com/help/technical/senderauthentication...

If I understand this correctly, you need to be managing your own DNS (not letting Fastmail do it), and you probably need to set p=reject in your DMARC so that non-fastmail servers can't spoof your addresses.

And if Fastmail allows Fastmail user A to spoof Fastmail user B, then the above still only protects you against non-Fastmail customers.

eggsampler7y ago

I have received a spoofed email from my own domain, so I believe it's not just Fastmail domains but any custom domain on an account.

Riverheart7y ago

Do you host your custom domain with Fastmail? I may have misread but the article seemed to suggest you could potentially setup dmarc via the DNS page or whoever you host with.

j / k navigate · click thread line to collapse

0 comments

Riverheart7y ago

Seems to be just Fastmail domains but there might be some setup involved for custom domains. See their docs

https://www.fastmail.com/help/technical/senderauthentication...

bscphil7y ago

And if Fastmail allows Fastmail user A to spoof Fastmail user B, then the above still only protects you against non-Fastmail customers.

eggsampler7y ago

I have received a spoofed email from my own domain, so I believe it's not just Fastmail domains but any custom domain on an account.

Riverheart7y ago

Do you host your custom domain with Fastmail? I may have misread but the article seemed to suggest you could potentially setup dmarc via the DNS page or whoever you host with.

j / k navigate · click thread line to collapse