To prevent email spoofing, it is important to manually configure email authentication systems to the highest standard. This is a complicated process that often results in misconfigured email servers or companies simply skipping authentication and leaving their domain at risk of being spoofed. Here you can find our SPF research as well as a guide to help you configure your email server’s authentication.
We have researched the email authentication configuration of the top 500 Alexa sites and discovered that less than half of the domains had proper email authentication in place.
After looking into the SPF records of the world’s top domains, we checked the configurations of Finland’s largest companies and found that the majority lacked security measures preventing email spoofing.