Business email can sometimes be difficult to setup properly. While is is often a task best left to a web developer, if you dont have a grounding in what is required then it can be difficult to ensure you receive appropriate assistance and value for money. But a quality setup is important as a security breach or lack of reliability in business email can leave a devastating impact on your business, trade or reputation. Are you aware of the important email security and deliverability components of your business email setup?
Often I find situations where business owners have been cutting corners with email setups or persevering with issues in a poor email setup. Yet many key security and deliverability improvements can be achieved with just a few short and simple additions or changes to the setup. The problem is identifying what is required, where the gaps are and how they can be overcome.
My aim with this first article is to help you as a website owner, to move forward with your understanding of important email security and deliverability components of your business email setup, so hopefully you can gain some confidence to impact changes yourself or at minimum be able to make change through improved negotiations with your web developer.
If you have any questions or additional glossary terms you would like added, let me know in the comments
SPF
The sender Policy Framework (spf) is an extension to the Simple Mail Transfer Protocol (SMTP). It’s one of 3 top methods promoted by Google to protect your email. This policy framework uses a certain type file as a record to allow software to identify and reject forged email addresses in the return-path i.e. the “mail from” path. a typical problem in email spam. These SPF records allows the owner of a domain name to specify which email servers are authorized to send emails on behalf of that domain. This helps ensure that the messages are delivered correctly from your server and not pretending to be you via another server.
SMTP
Secure mail transfer protocol (SMTP) is considered the standard way to send emails. The protocol needs you to login to a mail server to send emails, which prevents the abuse of the email server and thus improves email deliverability.
DMARC
Domain based Message Authentication, reporting and Conformance (DMARC) is a email authentication method used to prevent hackers and other scammers from spoofing their domain. It also helps website admins to request hidden reports ith their emails that have information regarding the email being sent to you. These reports help them recognise malicious activity and potential authentication problems for messages sent from the domain. DMARC is also one of 3 top methods promoted by Google to protect your email.
DKIM
DominaKeys identified Mail (DKIM) are records similar to SPF records in that they are used to try and prevent email spoofing. The method they use is a bit different from SPF records however. DKIM adds an encrypted signature to the header of all outgoing messages. Email servers that get these signed messages use DKIM to decrypt the message header and verify the message after it was sent, and confirm that it was not changed in between sending and receiving. DKIM is also one of 3 top methods promoted by Google to protect your email.
Spoofing
“Spoofing is a criminal activity where a scammer tries to get access to someone’s personal information by pretending to be a legitimate business, neighbor or some innocent party” techtarget.com. It is a technique used to trick users into thinking a message came from a person or business they thought they knew or could trust. In such attacks, the sender forges email headers so that client software displays the fake sender address, which most users take at face value. If it’s a name they recognise, they’re more likely to trust it. Then after clicking malicious links, malware attachments are opened, sending sensitive data or transferring funds.
Email spoofing is can occur due to the way email systems are designed. Outgoing messages are assigned a sender address by the client application but outgoing email servers dont have this feature and there is no way to tell whether the sender address is legitimate or spoofed.While some “servers and antimalware software can help detect and filter spoofed messages, not every email service has security protocols in place to handle these types of email scams.” says Proofpoint.com
phishing
Phishing is an advanced type of spamming email that uses deceptive mail as a source of weapon . Cyber criminals disguise themselves as well-known brands or people with an excellent reputation to get sensitive data like users’ names, passwords, credit cards, bank accounts, etc. They usually frighten or excite users, leading them to a fake website where they trick people to get funds from them. sendpulse.com his type of email term is also associated with credential theft and site infection with ransomware
spamming
Spamming is the sending bulk messages through email that you didnt agree to (unsolicited). Its also referred to as junk mail. It comes in different varieties, the most popular amongst scammers being to promote scams or borderline fake business schemes and as such usually promotes access to pharmaceutical drugs, unrealistic weight loss programs, online degrees, job opportunities and gambling etc. “Spam can be sent by real humans, but more often, it is sent by a botnet, which is a network of computers (bots or spambots) infected with malware and controlled by a single attacking party (bot herder). “ says Techtarget.com
There are many reasons why you can be the recipient of spam emails and I will discuss this and ways to address this, in a post another time.
DNS records
Domain Name System (DNS) is a file record system that lets you connect to websites by matching human-readable domain names (like yourwebsite.com) with the unique ID of the server where your website is stored.
DNS system acts like a phonebook of the internet. It lists domain names with their corresponding identifiers called IP addresses. Instead of people’s names and phone numbers being listed it allows you to determine the physical location where that website is stored based on the IP of the website.
The 5 major DNS record types are A records AAAA records CNAME records Nameserver (NS) records Mail Exchange (MX) record
MX records
Mail Exchange (MX) records are a type of DNS record. They are a file used to direct a domain name to an email exchange server. They do this by stating how the email exchange server is responsible for receiving email on behalf of a domain and the files do this in line with the Simple Mail Transfer Protocol (SMTP). MX records must always point to a domain names which belong to another zone record
Zone records
Zone records are all the DNS records held together for your domain on the same server as your website. They are records of different types that serve the purpose of mapping your domain to IP addresses and other resources.
its great