Email Security Test Domain

📧 Why did I receive an email from this domain?

This domain is part of the Net Reaction Small Business Security email configuration testing service.

Someone at your organization requested an Email Security Test, which sends a series of test emails to verify that your email provider is properly filtering malicious messages.

⚠️ This is NOT spam or phishing

This test was explicitly requested by a user at your organization. The emails are safe and are designed to test your email security configuration.

🔍 What does this test check?

Test #2: DKIM Signature Verification

This test checks whether your email provider verifies DKIM (DomainKeys Identified Mail) signatures.

DKIM adds a cryptographic signature to emails that proves they haven't been tampered with in transit. This email was sent with an invalid DKIM signature that doesn't match our published public key.

If you received this email in your inbox:

Your email provider is NOT verifying DKIM signatures. This means attackers could send tampered or forged emails that appear to come from legitimate domains.

🛠️ How to fix this

If this email reached your inbox (not spam/junk folder), your email security needs attention:

  1. Identify your email provider Determine if you use Microsoft 365, Google Workspace, on-premises Exchange, or another provider.
  2. For Microsoft 365 DKIM verification is enabled by default. If this test failed, contact Microsoft support to verify your anti-spam and authentication settings are configured correctly.
  3. For Google Workspace DKIM verification is enabled by default. Review authentication settings in Admin Console → Apps → Google Workspace → Gmail → Safety.
  4. For on-premises Exchange Enable DKIM verification in your spam filter, email gateway, or anti-spam solution (e.g., Barracuda, Proofpoint, Mimecast).
  5. Consider an email security gateway If your current email solution cannot verify DKIM signatures, consider adding a dedicated email security gateway that provides this protection.

📚 What is DKIM?

DKIM (DomainKeys Identified Mail) is an email authentication method that:

  1. Sender signs the email When sending, the mail server adds a cryptographic signature to the email headers using a private key.
  2. Public key is published in DNS The domain owner publishes the corresponding public key as a DNS TXT record.
  3. Receiver verifies signature The receiving server retrieves the public key and verifies that the signature matches the email content.
  4. Tampering is detected If the email was modified in transit, the signature won't match and the receiver knows something is wrong.

A DKIM DNS record looks like this:

selector1._domainkey.example.com TXT "v=DKIM1; k=rsa; p=MIGfMA0G..."

The p= value is the public key used to verify signatures from that domain.

This test is provided by Net Reaction Security

Questions? Contact security@netreaction.com