Seytonic's New Video on Email Security

In this video, Seytonic addresses the critical topic of email security, drawing from a personal experience where he received an email seemingly sent by Vladimir Putin. Although the email appeared legitimate at first glance, it turned out to be fake. Seytonic explains how, by checking the email headers, he was able to determine that the sender's IP address was not authorized to send emails on behalf of Putin, but was also not explicitly forbidden. This situation is due to a poor email security configuration of the Kremlin.ru domain. Seytonic emphasizes that this problem is not unique to the Kremlin. Even the White House has been vulnerable to email spoofing, and North Korean hackers continue to send phishing emails under false identities. The consequences of email spoofing can be devastating, as Seytonic's personal experience shows, where someone impersonated him to obtain hacking equipment from a company. To prevent email spoofing, Seytonic explains three key concepts: SPF, DKIM, and DMARC. An SPF record determines which IP addresses are allowed to send emails on behalf of a domain. A DKIM record contains a public key that recipients use to verify if the email was signed with the corresponding private key. A DMARC record determines what happens to an email if the SPF or DKIM checks fail: no action, quarantine, or complete rejection. Seytonic demonstrates how to configure these records using a tool that simplifies the process. He shows how to add DMARC, SPF, and DKIM records to a domain's DNS settings, allowing the verification of the authenticity of sent emails. He also highlights the benefits of security reports, which help understand if the configuration is working correctly and identify potential threats. In conclusion, Seytonic stresses the importance of properly configuring email security to avoid spoofing and phishing attacks. He shows that even government entities can be vulnerable if they do not implement the right security measures.