Email security
Anyone can send email as your business. Here’s how to stop them.
A spoofed email looks like it came from your domain — because, right now, technically it can. That’s exactly how fake-invoice scams land on your customers.
The problem, in plain English
Your customers trust email from your domain. So do scammers. If your domain isn’t locked down, anyone can send an email that lookslike it’s from you — to your clients, your suppliers, your staff — asking them to pay a “new” bank account or click a dodgy link. When it works, it’s your name and your reputation on the line.
The three settings that decide it
It’s called the DMARC ladder. Most domains are stuck on the bottom rung.
p=noneWatching, doing nothing.
Where most domains are stuck — feels safe, isn't.
p=quarantineSpoofed mail gets sent to junk.
Better — but the spoof still lands somewhere.
p=rejectSpoofed mail is blocked outright.
This is the protection.
It’s a single DNS record, walked up the ladder carefully so you don’t bounce your own legitimate mail. About 20 minutes done properly.
What I’ll do — free
I’ll run a free health check on your domain and send you a one-page action list: exactly what’s exposed, in priority order, written so you (or whoever looks after your IT) can knock it over. If you’d rather I just fix the biggest one, I’ll do that too — the first hour’s on me (normally $150/hr).
Why me
I’m Ewan — a Brisbane-based IT consultant (and a dad and family man from right here in town). 15+ years, no outsourcing, no overseas helpdesk. You deal with me.
“Ewan sorted issues our previous IT didn't even spot — straight up, no jargon.”
Free, actionable, no spam. Yours to keep — hand it to your IT person if you’ve got one. No lock-in, no obligation.