This guide details the operations automatically performed by Infomaniak to secure the email of Service Mail domain names with the extensions .ch and .li.

Adding or modifying certain DNS records

To ensure the security of global email exchanges, it has been decided to automatically apply certain DNS configurations to domain names with the extensions .ch/.li (and whose DNS zone is on Infomaniak) that have no other impact than to prevent unsolicited emails from both sides. You do not need to do anything specific about this, however, it is recommended to familiarize yourself below with the explanations regarding the necessary modifications and their reasons.

Updating the SPF (Sender Policy Framework)

SPF is an essential security mechanism for verifying the authenticity of emails sent on behalf of a specific domain.

When you own a domain name in .ch/.li and wish to secure your email services, it is recommended to configure SPF using the directive "-all".

If this is not currently the case (SPF in "?all" for example) this policy will be applied automatically.

100% DMARC Reject Policy

The DMARC policy is a mechanism that allows you to control how emails from your domain should be handled if they do not pass SPF and DKIM (DomainKeys Identified Mail) checks.

When you configure a 100% "Reject" DMARC policy, this means that any email that fails SPF or DKIM checks must be rejected, i.e., blocked, by the receiving server.

You can also consider a configuration with a 100% "Quarantine" DMARC policy that will treat any email that fails SPF or DKIM checks as spam and may be placed in quarantine, i.e., moved to the SPAM folder.

Consequences of SPF and DKIM Failures

If an email fails SPF or DKIM verification, it is considered unauthenticated. This means that the receiving server may mark it as potentially unreliable, quarantine it, or reject it (the latter case will be in effect), depending on the defined DMARC policy. This ensures that only legitimate emails, sent in accordance with established security policies, are accepted.