Showing posts with label SPF. Show all posts
Showing posts with label SPF. Show all posts

Friday, June 23, 2017

Is your company domain safe from spoofing?

There's no doubt that in the last two decades email has become the backbone and primary source of business communication. Businesses rely heavily on emails to communicate internally with their own staff as well as externally with clients and partners. Gmail alone has well over one billion monthly active users. Such heavy email dependency requires immense reliability and security. Unfortunately, we find many businesses are unaware that their backend mail settings are not configured for optimum reliability and security.
When it comes to securing Gmail admin settings, it's crucial to have the correct DNS (Domain Name Settings) configured to prevent domain spoofing. What's domain spoofing? In simple terms, it's the unauthorized use of a third-party domain name, primarily in an email message, in order to pretend to be someone else. SPF, DKIM, and DMARC are all security standards followed in G Suite applications to keep your domain safe. SPF (Sender Policy Framework) records allow the user to easily identify spam messages for their domain. DKIM (Domainkeys Identified Mail) attaches a new domain name identifier and encrypts the message to validate authorization for the message, and DMARC (Domain-based Message Authentication, Reporting & Conformance) allows the user to instruct how Gmail handles unauthenticated emails coming from within the domain. These may all sound complicated but are quite necessary to keep your users and domain safe. Use the Google Toolbox MX checker to see if your domain is configured correctly. If there are issues you will see the following prompt when you run the check:

If this is what you see when you check your domain, contact us! We highly recommend using an expert to configure these security protocols as we've seen customers claim their IT staff has already set these up, only to find out later that it was configured incorrectly. This cost of properly setting these protocols up is negligible in comparison to the potential damage they prevent.

In our several years of experience, we've seen users simply don't realize the importance of having the proper DNS records set up, simply because it was not given importance or because it was too complicated for their IT staff to configure correctly. To help our cloud friends enjoy a safe and secure domain, InterlockIT will clean up your DNS records for FREE in exchange of transferring your G Suite subscription to us as your reseller (some conditions apply). It's a win win since you get free assistance to protect your domain as well as all the benefits of having a Google Cloud Partner. Contact us today and lets secure your domain!

Monday, May 30, 2016

No more forged emails! - SPF and DKIM

Secure email is vital to any organization. If you have ever received email from your employee or a company you do business with, but it's actually really from a malicious/unknown source, then you've seen first hand how easy it is to forge emails. Our previous blog post covered how users can prevent important email from landing in their spam folder. This post covers a common question we get from our customer base; why does sent email end up in the recipient's spam folder or isn't delivered at all?


Every recipient is unique and has different spam filtering settings for messages being received. Typically, recipient servers don't provide information about spam filtering to the sender of an email simply because it makes the recipient vulnerable by giving too much information to actual spammers who could then potentially get around the filters. This is where SPF and DKIM authentication come into play. Authentication legitimizes the source of the email to prove it isn't forged and is a thorough way of ensuring your email is delivered to the person you are sending to.

A sender policy framework (SPF) record is a type of DNS (domain name server) record that identifies which mail servers are permitted to send email on behalf of your domain. SPF records are used to prevent spammers from sending email on your behalf. It essentially asks, "is this email coming from an authorized mail server?" If it isn't, the email is likely to be spam.

A DomainKeys identified mail (DKIM) record simply adds a digital signature to emails your organization sends. The email recipient servers check if the signatures match and if so, the email hasn't been tampered with and is from a legitimate sender. Fundamentally, the DKIM check verifies that the message is signed and associated with the correct domain.

Having both SPF and DKIM records in place can greatly reduce the potential of spam email appearing to be sent from your domain and also improves email deliverability. An easy way to check if your domain's SPF and DKIM records are in compliance with Google's recommendation is by going here: https://toolbox.googleapps.com/apps/checkmx/check.
The interlockit.com SPF address declares that Google Apps, Freshbooks, Sendgrid, and MailChimp are all authorized to send email on behalf of our domain. 
Our team at InterlockIT has assisted many hundreds of companies and organizations update and correct their DNS records resulting in very happy customers. Be sure to contact us today to prevent email forgery for good!

Friday, May 6, 2016

Important mail going to spam? Read this!

It happens to a lot of users. Your boss, colleague, or client asks if you've completed the first draft and you look at them with a blank face, with no clue as to what they are referring to. You either missed the email or it somehow landed in your spam folder which you rarely ever check. "Why is important email landing in my spam" you ask? Simple, you get Gmail to stop checking for spam - sort of.

If you're finding that wanted incoming email is landing in spam, here is a way to redirect it to your inbox. Filters are one of the most powerful tools integrated in Gmail. If you understand the power of email filters, you can do quite a lot with them to manage your inbox efficiently and productively. Follow these simple steps to setup a domain filter to automate "spam email" to redirect into your inbox.

1. Click the gear icon in the upper right corner of your inbox and select Settings.





2. Select the Filters and Blocked Addresses tab and at the bottom select Create a new filter.



3. In the resulting popup, place this text (without quotes) “is:spam” into the "Has the Words box", enter the domain name from which wanted mail is landing in spam, and click Create filter with this search.






















4. Check the Never send to Spam box (and any other boxes you'd like a match for) and click Create filter.






That's it! You've now created a filter to prevent wanted mail from that specific domain from going to your spam folder. Technically we haven't stopped Gmail from checking spam, but this filter functions in practically the same way, so no more scavenging through your spam folder to find that lost unread email. Next time you get an important email from that domain in spam, it will automatically pass along to your inbox as a regular piece of mail.

In our next post we'll cover why your sent mail may be going to your recipients spam folder and why having your domain's SPF and DKIM records up to date is crucial to having your email delivered appropriately. To learn more about how Gmail and other Google Apps can make your company more efficient and productive, be sure to contact our InterlockIT team! 

Monday, June 17, 2013

Google+ SEO and the New Google+ Related Pages Widget in Gmail

In December 2012, Google+ overtook Twitter for the #2 spot among social networks, with 343 million active monthly users. YouTube, Google's famous video-sharing site, ranks third, with 300 million active monthly users. Together, these two sites boast over 700 million active monthly users. Wouldn't it be nice to tap into 700 million users?

With the new Google+ related pages widget in Gmail, you now canprovided you meet a few important criteria. Most small-to-medium sized businesses we've encountered who have already deployed Google Apps haven't had it done by Google Apps Certified Deployment Specialists, which means they're generally missing SPF spam prevention and DKIM message authentication. This not only leaves your domain open to spammers and fails to prevent spoofing, but now it also means that your Google+ page can't help you fight your way to the top of Google Search Engine results.

Recently, Google rolled out a new Google+ feature that ties into Google Apps email: related pages. When a contact opens an email from you in Gmail or Google Apps, they have the ability to see at-a-glance your latest activity on Google+, the ability to +1 posts, follow your page, and more. All this capability, though, hinges on your Google+ page and Google Apps accounts being properly configured.

Linking your website to your Google+ profile is the first step, and something few businesses have done. This step is fairly easy and helps slightly with your search results, but more important are the email domain protection of SPF and DKIM authentication.

SPF is easy to implement but unfortunately just as easy to implement incorrectly, which is the state we often find it in. SPF helps other email systems identify where your email messages are allowed to come from and whether or not a particular message actually came from there. Without this, spammers can "spoof" your domain name and send email that appears as though it comes from your company's domain.

DKIM works like SPF but takes the authentication up another notch by integrating your domain's DNS records with email. You generate a unique 1,024-bit "key" that is added to every email message you send from your domain while mail servers that receive messages from your company compare the key on the message to the key in the DNS records. If the two match, the message is cleared and will hit your inbox; if the two don't match, the message is marked as spam and treated as such. A handy side-effect of DKIM authentication is that recipients of your emails will no longer need to click "Display images" on your messages. Since Google knows that your message came from you, this anti-spam tactic isn't required.

Google+ makes its impact not simply because it's also a Google product, but because Google can gather more information on users than what would come from using a browser cookie—now it can track someone's location, age, industry, and most importantly, their interests. With Google+, Google can even better personalize search engine results based on the additional information provided by a user's +1's, sharing, and posts.

By building a powerful Google+ network, you have the opportunity to directly affect the personalized search results of thousands of people in your extended network. The more interaction you have with users and followers on Google+, the more likely it is that your page and website will rank higher in Google Search Engine results.

The Google+ Related Pages Widget makes it simple for your contacts to follow you on Google+ leading to increased Google Search Engine page rank and visibility. Ultimately, this leads to more prospects and customers for your business!

Contact us at Interlockit.com so that our team of Google Apps Certified Deployment Specialists can configure the Related Pages Widget on your Google Apps domain.

Friday, January 28, 2011

Spam takes another hit: email authentication available to millions of Google Apps customers

Google has been an early and consistent supporter of email authentication technologies, which help ensure senders are who they say they are, and in turn help to curb spam.  Interlockit.com configures a Sender Policy Framework (SPF) record as a standard component of our Google Apps implementations that prevents spammers from sending messages with forged From addresses from your company domain.

On January 6th, 2011 Google made available the ability for Google Apps customers to sign their outgoing messages with DKIM, so that your sent mail is less likely to get caught up in recipients' spam filters.  Think of it as a finger print on your outgoing email that a spammer can't duplicate.  We've tested it for a few weeks and definitely recommend setting this up on all Google Apps accounts.

Google Apps is the first major email platform to offer simple DKIM signing at no extra cost other than the labour to configure it.  Once again the power of the cloud has made it possible to bring this feature to millions of customers quickly and affordably.
It takes an Interlockit.com team member about 30 minutes to configure DKIM on your DNS hosting control panel and on your Google Apps account.

If you are interested in having this feature enabled to ensure that more of your outgoing email reaches its destination  give us a call at (416) 840-6268.