![]() ![]() We have been made aware that ******** members have received FAKE email that appears to have been issued by us. Lo and behold, today HR manager gets this e-mail: So we e-mailed the SPF change to our contact at the web host and CC'd the Org to get their approval for the change. While we waited we noticed that they happen to use the same web host as we do and that web host also controls their DNS. We again explain why and re-send my how-to. ![]() Radio silence for a few weeks until HR manager gets another e-mail from them saying that we are still bouncing their e-mails and why haven't we whitelisted yet. So, feeling generous, I created a nice little how-to including their current SPF record, and link to the Constant Contact's KB article regarding their service and SPF records. I looked a little bit deeper and could see that they were using Constant Contact to send their newsletters but they didn't have Constant Contact added to their SPF record. and got a snarky "well, everyone else just adds us to the whitelist I don't know why you can't" reply. Being a competent sysadmin, I refused and explained that it would open us up to accepting spoofed e-mails from their domain which would likely contain malware. ![]() The e-mail instructed all recipients to forward this to your IT departments to have them whitelist their domain in your spam and malware filters so that their e-mail newsletters don't get blocked. At the end of last year our HR manager forwarded us an e-mail from an HR group they belong to.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |