![]() ![]() An accurate SPF-formatted TXT record with a “hard fail” helps a lot.Ensure public DNS is correct and optimized:.Send emails only to people who want them: If recipients are not responding, send them an email telling them you will email them less frequently (unless they reply).Send emails only to valid email addresses: If you get a bounce back or a deferral, investigate and remediate before you attempt to send again. ![]() To avoid getting low engagement scores (which can lead to being blocklisted), and improve overall deliverability, there are a few simple rules: They do this by looking at “ engagement“, for example: Does the recipient open your messages or just put them in the Trash? Even if they open the messages, do they reply? If your “engagement” is low, your server’s IP address and your domain are more likely to be be blocked, even if you are not sending what would normally be considered “spam”. #Zimbra spamassassin configuration free#As a result, the major free email services (Gmail, Yahoo, etc.) have gotten much more strict about classifying email, your domain, and your server as a potential spam source. Lastly, in most of the recent email hacks with which I am familiar, two-factor authentication would have prevented the exploit from being deployed, so we are strongly encouraging our customers to deploy two-factor authentication - it’s really not as inconvenient to use as most people presume.ĭecember 2020 Sidebar – Email Engagement and Deliverabilityĭue to COVID, in 2020 many sources (and our own logs confirm) that overall email volume has about doubled. This “forged sender” technique is typically how those emails purporting to be from the CFO and ordering expediting payment to a vendor (really the scammer who sent the email in the first place) cause so much trouble the poor accounting clerk thinks s/he is replying to the CFO, but is really replying to the scammer. This is because the “From:” portion of an email can be easily forged, but the recipient will have the correct email address for the sender in their Address Book. When a user receives an email from someone they know, but the email seems suspicious, DO NOT REPLY to the email! Instead, train your users to FORWARD the email to the (alleged) original sender. Anti-spam will never be perfect, so users need to be trained when to pause, take a deep breath and think before they open or reply to an email. Once again, we cannot overemphasize the need for periodic end-user training. In this blog post, continuously updated since March 2019, we describe how we supplement the various open-source anti-spam capabilities that ship with Zimbra with three commercial block list providers for a low-cost, high-impact solution. In the intervening eight years, a lot has changed, but unfortunately email remains the number one attack vector for malware, phishing, whaling and other scams. Back in 2014 I wrote a good chunk of the Zimbra Anti-Spam Strategies community wiki. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |