Weekly Tech Tidbit – Risk and Compliance Part III – Making your email more reliable

June 19th, 2020
Weekly Tech Tidbit – Risk and Compliance Part III – Making your email more reliable

Last time I talked about making email safer.   I focused on inbound email to your users and outbound encrypted emails.   However, I neglected to say that advanced spam filters also work outbound.   That means that your end-users email and attachments will be scanned to protect against an inadvertent sending out of malicious content.

This week I am going to focus on things you can do right now to make your email delivery more reliable.

One of the problems we all have with email is when the intended recipients say, "I never got anything from you".   It is frustrating when your email content gets caught up in their spam filters.

There are some free steps that you can take to make sure your outbound email meets the highest standards of email communication so that it will be properly delivered vs. being either blocked outright or relegated to a spam filter that most users never check.

  • Make sure your domain is not blacklisted.  Go to https://www.mxtoolbox.com and type your domain name into the blacklist checker.  It is free.  If you have something bad going on, it will tell you what spam filters don't trust you.  You will need to assess the list and work with each spam filter vendor (if any) to make sure that you are considered safe.  You should repeat this test every six months just to make sure nothing bad has crept into your system.
  • Implement a proper SPF record for your external DNS.  An SPF record says that you and the companies or organizations who send emails in your name are legitimate.  Companies sending in your name might be Google Apps, Microsoft Office 365, SchoolMessenger, and other third-party subscription applications.   They should all be properly listed in your SPF record.
  • Implement a DKIM record for your email domain and for any of the vendors that are sending emails in your name. DKIM records for your email domain and the vendor's sending emails in your name is kind of like a serial number for email proving that you are you at a much higher level than a basic SPF record.

Finally, if you have set up a DKIM and an SPF record there is one more record called a DMARC record that allows you to start to document and potentially control email flow from remote sources that may not meet these high standards you have chosen to implement.   This is the last step.  We can start observing but not blocking emails.  If desired, we can get more aggressive and block or quarantine inbound emails that fail to meet your high standards for these more robust email security standards.

Once we know what your vendors want in their SPF and DKIM records, this is a fast and easy process.   We are happy to help get this set up so your email is viewed as legitimate and gets delivered in a timely manner.