Weekly Tech Tidbit – Paper’s Please

June 30th, 2022
Weekly Tech Tidbit – Paper’s Please

 

The first line of email defense is a properly formed SPF record

"Paper's Please"

Those words denote fear. Some official, authority person (often with a gun and with lots of their co-workers with guns) is asking for identification at a checkpoint.

If you don't have what they want in the way they want it, you are not getting through. I have a friend who was bringing donated, East Fishkill, Arlington, and Wappingers soccer gear to run a soccer camp at a refugee camp in Lebanon. He was arrested for "smuggling" by the Lebanese authorities. After a few hours in jail, he was let go. It was a tense few hours.

Spam quarantine filters are much like that. You want your message to pass the gauntlet. It is being inspected and dissected, to see if it has been perfected in relation to spam score, SPF, DKIM, and DMARC. The better your grade, the more likely it gets through unchallenged.

Not a week goes by that I don't get questions about emails not delivered because they are in quarantine - or worse - an outright block. The questions come from the sender upset that their very important email was not cleanly and quickly delivered, or the receiver upset that they have been sitting around waiting for an important email which didn't arrive due to quarantine.

It is a no-win situation for all of us. The second one email gets passed the quarantine filter that shouldn't have, the alarms go off with, "how could this have happened?"

It is a Wallenda-like tightrope walk across Niagara Falls.

The beginning of the Ukraine war has brought phishing attempts to record, all-time highs.

Our July webinar is about phishing. Watch for upcoming details from Lisa on that.

One area where the spam filtering has gotten much ornerier is in the area of SPF records.

I have talked at length about this at Tech Talk and in separate webinars. While I don't think CISA has said this, I believe they will. If you don't have basic SPF records setup, you are being irresponsible and really don't care if you email is reliably delivered or not.

Hopefully, you have DKIM and DMARC records too, but start with SPF.

Spam filters are getting much more critical of any sender who can't take the time to properly form a basic SPF record.

One specific place we have recently seen a flood of SPF "Sender Policy Framework" rejections pop-up is in the area of "sub-domains". My domain is csiny.com. It has SPF, DMARC, and DKIM as relevant with DMARC set to quarantine. However, spam filters are treating LISTS.CSINY.COM as a discrete domain. Therefore, they are looking for discrete records. They are not allowing LISTS.CSINY.COM to inherit the SPF, DKIM, and DMARC settings of the parent domain.

What this means to you is even if you have setup your main parent domain with all the proper records for email, if you have a sub-domain, that you also use, you must re-setup the same records reflecting the sub-domain to keep your emails out of spam filter jail.

If this is all Greek to you, or if you now realize that you are using sub-domains to send some of your email and need help cleaning up your records, please give us a call.

We are happy to help.

-Scott Quimby