Phishing From Email Field Using Company Domain – PSAT

QuestionWhy am I unable to receive phishing campaigns when I use my own email domain in the From Email?

AnswerWe allow customers to send phishing campaigns using several different Proofpoint Security Awareness Training owned domains as well as the customer’s own domain name. However, it should be noted that while this is possible, there is a high likelihood that these messages will be marked as spam or rejected by your mail server completely. This is usually because our mail server is not listed in the customer’s SPF records.

For example, this is the SPF record for abcsecurity.com:

abcsecurity.com descriptive text “v=spf1 mx a include:spf.proofpoint.com ipv4:xx.xxx.xx.xxx include:proofpoint.com ~all”

This specifies that only IP addresses with the reverse of spf.proofpoint.com and the IP address “xx.xxx.xx.xxx” are permitted to send emails using abcsecurity.com in the From: field. If an email message is sent from an IP address not listed in the SPF record with abcsecurity.com in the From: field, spam filters are very likely to mark the message as spam.

Additionally, if you use a domain name that is a misspelling of your real domain name (e.g. companyy.com vs. company.com), if there is no reverse DNS entry for companyy.com your mail server will likely reject the email completely.

We recommend that Phishing customers who wish to send campaigns using their own domains in the From: field add an SPF entry for our email servers.  Please see Safelisting Guide for more information.