How to enable Internal Impersonation Protection

This article shows you how to enable Internal Impersonation Protection using Sender Policy Framework.

Sender Policy Framework (SPF) is a validation system designed to prevent email spoofing - by verifying a sending email server's IP address against the sending domain name. This allows you to block external entities (like spammers) from using your domain name to send out spam emails that use external mail servers not under your control.

You can easily check if a domain name has an SPF record attached to it using this online tool: SPF Lookup

If you only use Zimbra or only relay mail via our Smart Hosts, we suggest you create the following SPF record in your domain's DNS settings:

v=spf1 ~all

If your domain already has an existing SPF record - you can add the following to your domain's existing SPF record:

Step 1. Login to the Control Panel and under 'Your Customers' click on the customer's account you wish to manage.

Step 2. From the customer's account page, click on the 'Product Name' you wish to manage - in this example it's Zimbra Email.

Step 3. Under 'Product Configuration' click on Anti-Spoofing

Step 4. You should now see the 'Anti-Spoofing' page where you can enable and configure Internal Impersonation Protection.

Step 5. Choose how to deal with email from external senders that are using your domain to send out spam emails. NB: When first enabling we suggest you set the "Delivery method" to "Deliver".

Step 6. Choose how to deal with email from domains that are spoofing your domain name, by using miss-spellings.