Showing posts with label Message Security. Show all posts
Showing posts with label Message Security. Show all posts

Monday, May 30, 2016

No more forged emails! - SPF and DKIM

Secure email is vital to any organization. If you have ever received email from your employee or a company you do business with, but it's actually really from a malicious/unknown source, then you've seen first hand how easy it is to forge emails. Our previous blog post covered how users can prevent important email from landing in their spam folder. This post covers a common question we get from our customer base; why does sent email end up in the recipient's spam folder or isn't delivered at all?


Every recipient is unique and has different spam filtering settings for messages being received. Typically, recipient servers don't provide information about spam filtering to the sender of an email simply because it makes the recipient vulnerable by giving too much information to actual spammers who could then potentially get around the filters. This is where SPF and DKIM authentication come into play. Authentication legitimizes the source of the email to prove it isn't forged and is a thorough way of ensuring your email is delivered to the person you are sending to.

A sender policy framework (SPF) record is a type of DNS (domain name server) record that identifies which mail servers are permitted to send email on behalf of your domain. SPF records are used to prevent spammers from sending email on your behalf. It essentially asks, "is this email coming from an authorized mail server?" If it isn't, the email is likely to be spam.

A DomainKeys identified mail (DKIM) record simply adds a digital signature to emails your organization sends. The email recipient servers check if the signatures match and if so, the email hasn't been tampered with and is from a legitimate sender. Fundamentally, the DKIM check verifies that the message is signed and associated with the correct domain.

Having both SPF and DKIM records in place can greatly reduce the potential of spam email appearing to be sent from your domain and also improves email deliverability. An easy way to check if your domain's SPF and DKIM records are in compliance with Google's recommendation is by going here: https://toolbox.googleapps.com/apps/checkmx/check.
The interlockit.com SPF address declares that Google Apps, Freshbooks, Sendgrid, and MailChimp are all authorized to send email on behalf of our domain. 
Our team at InterlockIT has assisted many hundreds of companies and organizations update and correct their DNS records resulting in very happy customers. Be sure to contact us today to prevent email forgery for good!

Tuesday, April 24, 2012

Google Apps Vault brings better integrated email archiving to Google Apps

As a Google Apps Postini Authorized Reseller we've handled numerous implementations of Postini email archiving and message security.  While Postini has great technology its user interface was ages behind the simplicity of Google Apps.  We're definitely excited about the release of Google Vault which is so much better integrated into the core Google Apps product.

Google Apps Vault eliminates all sorts of administrative headaches for Google Apps and Postini customers such as managing duplicate user lists, email aliases, and email distribution groups across the 2 systems.

Currently Google Vault is only available to new Google Apps customers but we expect Google to allow the migration of existing customers from Postini to Google Apps Vault soon.


By the way, Google Postini is still the best cloud spam and virus filter for Microsoft Exchange or other emails servers on the market.  It will continue to be supported and enhanced for the long term as there is a huge install base of existing users.  Since ~90% of all email is spam, Google Postini removes this heavy load from your internet data lines and on-premise Exchange server.  When we switch customers from an on-premise firewall based spam filter to Postini or Google Apps they are often shocked by the dramatic drop in load on their internet data lines.