Has your email been Spoofed?

Email spoofing can harm your corporate brand, decrease open rates for your legitimate email, cause legitimate email to be blocked, compromise website security and even create financial complications.  No company is totally immune from malicious email spoofing using their domain, but there are ways to protect yourself.  Spoofing comes in a few different forms:

  • Simple Domain Spoofing – a spammer sends email that looks like it is from your domain, but originates from a server that you do not control or not in your SPF record.
  • Hacked SPF Sender – A spammer hacks a legitimate sender, one listed in your SPF records, and sends email that appears to be from you.  
  • Hacked Internal Account – A hacker compromises an internal email box and sends email via legitimate sources.  
  • Similar Domain Spoofing – A spammer sets up a complete domain that has a similar name to yours.  For example, “example.com” versus “exarnple.com” or “exampIe.com”.

Recently some fraudsters were brazen enough to attempt to spoof email from MxToolbox.com.  This illustrates how our experts (and MxToolbox Delivery Center Product) protect us from fraud and phishing and how we can protect your company too.  

DNS Configuration

Good email delivery and protection from fraud and phishing attempts requires expert management of your DNS.  Four DNS protocols are particularly important:

  • SPF allows you to delegate outbound email to 3rd parties.
  • DKIM allows you to crytographically sign email to take ownership of the email you send.
  • DMARC provides two very useful features:
    • Allows you to designate email addresses to receive feedback on your email delivery.
    • Allows you to set an email delivery policy for how inbox providers handle email that isn’t DMARC compliant with either SPF or DKIM.
  • BIMI allows you to provide an icon that inbox providers may display if your email passes DMARC with a strict DMARC policy

Our spoofer used IP addresses outside of our SPF so failed SPF checks and DMARC compliance.  Additionally, our DMARC policy is set to reject, so inbox providers knew to discard these failed emails immediately.  Our expertly configured DNS helped us reduce the impact of this attack on our email delivery, our customers and the non-customers targeted.

You might think that DNS configuration is all you need to protect your email delivery, but there is more.

Visibility

SPF, DKIM and DMARC Passing Rates

While DNS configuration is the most important first step in email deliverability, you need constant visibility into your email delivery status in order to protect your brand.  MxToolbox Delivery Center provides important insight into your email delivery posture with real-time statistics on SPF, DKIM and DMARC pass and fail rates across all your email senders, legitimate and fraudulent.  

In this case, MxToolbox Experts quickly noticed a spike in email from illegitimate sources.  Delivery Center reported this spike by analyzing DMARC reports approximately 24-48 hours before we began to receive bounceback notices from targeted inbox providers.  With strict ‘Reject’ DMARC policies in effect, our Expert team could rely on most inbox providers dumping these emails without delivery, however, we needed to analyze the potential risk.

Bounce Analysis

MxToolbox Delivery Center integrates a Bounceback analysis tool that allows us to analyze bounceback email messages from dozens of inbox providers to determine the reason an email failed to make it to the intended recipient.

bouncebacktool.JPG

Bounceback messages can help you understand recent attacks and prevent new ones.  For example, a bounceback due to Reverse DNS failure, as above, is an indicator that your spammer was using a server outside of your network and not listed in your SPF as was our recent spammer.  Bounceback messages can also provide insight into other reasons for delivery failure, including blacklisting, malware/spam content and more.

Feedback Loops

The newest visibility feature of MxToolbox Delivery Center incorporates Feedback Loops.  Feedback Loops allow Inbox Providers to return information from inbox owners to the original senders, including much of the original message header.  Analyzing message content and headers returned via feedback loops gives you unique insight into how your email is being perceived by recipients.  Did the recipient report you as spam?  Was the email actually fraudulent?  Was the content yours but appeared spammy?  Feedback loops are very powerful and a necessary part of maintaining high quality email delivery.  

Get ahead with Delivery Center

To maintain the highest levels of email deliverability, businesses like yours need a proven Email Delivery management system like MxToolbox Delivery Center.  Delivery Center provides you with valuable insight into your email delivery posture and the on-going maintenance necessary to maintain peak performance:

  • Who is sending email purporting to be from your domain
  • What is the reputation of your senders’ IPs
  • Geolocation of your senders and What their blacklist reputations are
  • How your SPF, DKIM and DMARC setup is performing
  • What senders are failing DKIM
  • What senders are failing SPF verification
  • When to setup more restrictive policies for DMARC
  • What on-going maintenance you need to maintain and improve your email deliverability

 

Is your email going to Spam?

Many of our customers hear about us because their business partners tell them that a message failed to reach their inbox or was found in the spam or junk folders.  The typical cause:  a blacklisted sending IP address.  While monitoring for blacklisting is fundamental for preventing email going to spam, inbox providers are now using more technologies to prevent spam from reaching their users.  You need to step up your game!

MxToolbox is here to help

Inbox providers like Google, Outlook and Yahoo! now scan incoming messages for spammy content or words, phrases, domains, and financial requests that are frequently found in spam.  Our SpamAnalyzer tool allows you to get insight into the spammy nature of your content and make changes before you send an email to your customers.

How does it work?

Create you email in your standard mass emailing platform and send yourself a test email.  Locate the email and view the email source.  Copy the email source and paste it in our SpamAnalyzer tool.

Spam_analyzer_home

We run over 700 different types of analyses on your email and provide a detailed report on the tests.  Our report gives you the opportunity to improve your email setup and email content to give you a better chance to have your email land in inboxes and not in spam folders.

Other tools

MxToolbox focuses on providing tools and technologies to help our customers get their legitimate email to their customers, suppliers and partners.  If you are experiencing problems with email going to spam, we highly recommend a multi-step approach:

  • Check all your senders regularly for blacklisted IP addresses and domains (see Adaptive Blacklisting for our unique approach)
  • Make sure all your email senders are in your SPF record
  • Setup DKIM for all email senders
  • Setup DMARC to get feedback on your email
  • Enlist a DMARC analysis service (like MxToolbox Delivery Center) to get insight into the feedback you are receiving on SPF, DKIM and DMARC compliance and the emergence of fraud and phishing attacks using your brand
  • Analyze outgoing emails for signs of spam with SpamAnalyzer
  • Enroll in Feedback Loops to get direct customer feedback

Expert Support

MxToolbox is the expert in Email Delivery and we know that adopting email best practices can be difficult and time-consuming.  We offer a Managed Services approach to improve your email delivery allowing you to return to what you do best: your business.

A Case of Fraud and Phishing

Companies large and small are potential victims of fraud and phishing using their brands and domains.  If you leave your business unprotected, it is simple for hackers and fraudsters to leverage your domain and brand to email your customers scams.  Companies in banking, financial services and investment advice are at particular risk due to the potential for immediate financial loss.

MxToolbox Experts are here to help you prevent damage to your brand and improve your email deliverability.  Leveraging new email technologies, such as DKIM, DMARC, BIMI and others, our Managed Services team helps businesses worldwide with email deliverability and protect against fraud and phishing.

A recent Investment Advisory case study shows how MxToolbox can help:

  • Leveraging DMARC best practices to aid email deliverability
  • Improving SPF, DKIM and DMARC compliance rates
  • Implementing strict DMARC policies to prevent Fraud and Phishing
  • Dramatically Improving Email Open Rates

Read the Case Study

Case Study: Financial Services Company

MxToolbox has a decade plus history of improving email deliverability for our customers.  Occasionally, one of our customers provides insight into exactly how we helped and what it means to their business.

The recent results from a Financial Services company illustrates the way our Managed Services teams increase email delivery and open rates to generate business value.

Highlights include:

  • Implementing DNS best practices to aid email deliverability
  • Improving Email Delivery Rates
  • Dramatically Improving Email Open Rates

Read the Case Study

The End of a Blacklist – BSB

On Friday the 17th of April, the blacklists BSB and BSB Domain shutdown.  When a blacklist goes offline, it typically returns a positive blacklisting event for every IP address or Domain inquiry.  This is standard but can be a bit alarming for users.

What that means for you?

All of our Monitoring and Delivery Center customers suddenly had a notification of blacklisting on BSB or BSB Domain.  This is normal.  MxToolbox has removed BSB and BSB Domain from the list of blacklists we check.  All notifications that we previously sent of blacklisting by BSB and BSB Domain can be ignored safely.  If BSB and BSB Domain return to action, then we will evaluate adding them back into the list of blacklists we search.

The Importance of Email Delivery Management

Blacklisting is not the only reason why your email may be denied or tossed into a Spam or Junk folder.  Blacklist monitoring is the beginning of good email delivery management.  In addition to monitoring your email for blacklisting, you need to:

  • Monitor your DMARC, SPF and DKIM configurations for compliance with industry standards
  • Regularly monitor the blacklist reputations of all your senders; not just your own IP addresses, but every CRM, Marketing Automation, Order Management, Support Ticketing and other sending system.
  • Actively monitor and manage the DMARC compliance rates for your legitimate senders, eliminating non-compliant senders if needed.
  • Monitor DMARC compliance rates for Fraud and Phishing attacks using your brands

MxToolbox Delivery Center provides you with the capability to manage your Email Deliverability, reducing the chance that your email will be dumped to spam or junk.  Check out Delivery Centertoday, or Contact Sales for a Walkthrough of Delivery Center Managed Services.

 

Email still going to Spam and Junk?

There are many reasons an email can end up in a Spam or Junk folder.  While no system can promise 100% inbox delivery, there are things that our experts can help you with that dramatically improve email deliverability.  Let’s take a look at a few reasons why emails fail to arrive and what can and cannot be done to correct it.  

DMARC Compliance

First, if you aren’t monitoring email delivery, then you don’t know what your DMARC compliance rates are right now.  If you are say around 75%, that’s 25% of your email that fails to make it to the server, much less the inbox.  MxToolbox can help there.

Second, our DMARC compliance rates (and many of our Managed Services customers) are around 99.8%, some of the highest in the industry.  With the volume of email we send in a week, that’s still several thousand emails that fail compliance.

There are many causes of DMARC compliance issues.  Some you can control through better configuration (our specialty), some you cannot control. For example, if you have a large amount of forwarded email, SPF and DKIM will often break, making that email non-compliant.  The newly released ARC standard is starting to help reduce that breakage, however.

Blacklisting

Email sender blacklisting is still an issue.  If your email sending tools are blacklisted, then some of your email will be blacklisted.  It happens and reduces delivery rates. Again, if you aren’t monitoring it, you don’t know about it.  We know that some of our sending IPs were blacklisted in recent emails, which may send some email to spam or junk.  If you are monitoring blacklisting for all your senders, then you can identify problems with these senders and address them either by working with your sender to improve their blacklist status or finding a sender with a better reputation.  Our Adaptive Blacklisting give our customers insight into the blacklist reputation of all your senders.

The Appearance of Spam

Finally, some emails appear spammy to standardized spam rules that inbox providers apply.  This is something MxToolbox tests for before every email broadcast. You can test emails too, with Spam Analyzer.  

However, custom spam rules and customer behavior are something that no emailer can get around without feedback from users.  For example, Gmail applies custom spam rules based upon some image attachments and Outlook.com appears to automatically junk email from senders that you routinely delete without opening.  Fortunately, many inbox providers are leveraging feedback loops to provide insight to legitimate senders about their users’ behavior.

Conclusion

No email delivery tool can promise 100% inbox placement.  Email Delivery is a complicated balance leveraging existing and emerging technologies to help you business communicate your message.  Our Experts spend their days working with these technologies to help our customers improve their email delivery.  

If you have learned something from this, then maybe you can trust us to help you. 

My Favorite Tools

If you are like many of our users, you have a favorite tool or set of tools that you run often.  Our customers have informed us that the “More” page is the most bookmarked page of MxToolbox.com and the one most likely for them to access to do work on a regular basis.

Introducing Favorites

In March, MxToolbox added a feature to our More/NetworkTools page that allows registered users to save a set of favorite tools.  Now, you can save a set of tools that you use frequently and access them through the “My Favorite Tools” tab.

FavoritesTab.JPG

Add a Favorite Tool by clicking the heart icon on any tool.

FavoritesTabIcon.JPG

And, boom, you have favorites.

FavoritesTabMade.JPG

Use Favorite Tools to save yourself time and effort when using MxToolbox.  Enjoy!

 

Announcing Bounceback Reporting

Emails bounce.  It’s a fact of email marketing that some percentage of your emails will not make it to the intended customer, partner or vendor.  Inbox providers are leveraging more and more technologies to prevent spam, malware and phishing attempts from making it to their users, which means there are more reasons to bounce email.  Email bouncebacks come in many forms:

  • Malformed email addresses
  • Email addresses that do not exist
  • Email box is full
  • Bad forwarding addresses
  • Blacklisted senders
  • SPF authentication failures
  • DKIM signature issues
  • DMARC authentication problems

With all these complicating factors, inbox providers have gone beyond the RFC standards in creating response codes for bounced emails.  Businesses need to keep abreast of these new responses in order to actively manage their email deliverability.

MxToolbox Bounceback Analyzer

MxToolbox experts focus on helping legitimate email senders get their mail delivered.  Our newest tool, Bounceback Analyzer, leverages our expertise in email to give you insight into the many reasons your email may be bouncing.

How does it work?

When you get a bounceback email from an inbox provider, simply copy the email and submit it to our Bounceback Analyzer tool.  Our tool will diagnose the reasons for your bounceback with our unique centralized repository of bounceback messages that span hundreds email provider responses.  Even better, if we don’t have the bounceback response in our library, the tool will let us know so we can go get it.

The Importance of Managing Email Deliverability

Your business will suffer if you are not actively managing your email deliverability.  How can you effectively communicate with your customers, vendors and partners if your email never reaches their inboxes?

Actively managing email delivery involves:

  • Monitoring Blacklist issues with your email senders
  • Monitoring and managing your email DNS configuration – MX, SPF, DKIM, DMARC and BIMI
  • Monitoring and managing SPF, DKIM and DMARC compliance rates
  • Researching Fraud and Phishing using your email domains
  • Investigating Bouncebacks
  • Leveraging Feedback loops
  • Keeping track of Email Deliverability standards and technologies

MxToolbox Experts constantly monitor trends and technologies that benefit email deliverability and incorporate those in our products.  MxToolbox Delivery Center is the best tool to actively manage your email deliverability, leveraging all of our expertise in a central integrated platform.

Feedback Loops

MxToolbox is pleased to announce our latest Email Deliverability Tool – Inbox Provider Feedback Loops.  Feedback loops are a mechanism where Inbox Providers can submit feedback about how your email recipients perceive the email you send them. With Feedback Loops, you can reduce your spend on email, improve your email deliverability and improve your email reputation.

What are Feedback Loops?

Major inbox providers world wide have created a method to let legitimate email senders obtain feedback on the email they send.  A Feedback Loop or FBL is a standardized XML format that tells a sender which of their emails have been flagged as spam and, often, by what recipients.  Some feedback loops even give insight into which emails were not flagged as spam.

How do Feedback Loops Work?

Most inbox providers allow email senders to apply for the right to receive email feedback.  The application process allows the inbox provider to verify that you are a legitimate sender and owner of the domain you are asking for feedback on.  If you are accepted, then the inbox provider will periodically send you feedback their users provide on the email they receive from your domain.

How do Feedback Loops Improve Email Deliverability?

If you are sending a large volume of email, Feedback Loops give you tremendous insight into how your email is perceived by recipients.  For example:

  • Which users routinely mark your email as “SPAM”?  You can compile a list and remove these users from email campaigns in the future, saving yourself money and improving your email deliverability.
    Note: not all inbox providers provide email addresses of users.
  • What email campaigns get the most “SPAM” warnings?  Some subject lines, body texts and graphics can be a trigger for spam.  Your marketing team can then change email copy to improve this perception and may even see open rates improve!
  • What technical problems may be causing my emails to be flagged?  Occasionally, your email configuration may be detrimental to email deliverability.  SPF, DKIM, over-aggressive re-delivery, multiple emails to the same address, etc. may cause your email to appear as spam to a user or inbox provider.

What does MxToolbox Feedback Loops do?

MxToolbox Feedback Loops goes beyond the basic feedback from Inbox Providers like Yahoo!, Rackspace and others.   We provide both the original header and our expertly tuned analysis of the “Spammy” nature of the email.  With MxToolbox Feedback Loops, you will get better insight into why the user or inbox provider flagged your email as spam and how to correct the issue in future emails.

What MxToolbox Products have Feedback Loops?

Currently, Feedback Loops are available to Delivery Center Plus and Delivery Center Managed Services customers.  Please contact support to begin testing Feedback Loops for your business.

Office 365 Joins ARC

Microsoft is the latest prominent name to adopt the Authenticated Received Chain (ARC) email protocol.  The ARC standard is now available for every Office 365 hosted mailbox. Already used by Google (Gmail, G Suite, Groups) and other email providers, the continued adoption ARC improves email delivery and security.

What Is ARC?

ARC is a new protocol designed to provide an authenticated “chain of custody” for emails. Essentially, this initiative requires that each forwarding email system handles the message in a standard way to preserve the DKIM wrappers.  This allows each inbox provider in the chain to see what other intermediaries have handled it along the way and verify the DKIM signature of the message at each step throughout the delivery process.

ARC leverages the DMARC and DKIM email authentication standards to help fight email spoofing and improve email delivery for forwarded messages.  Prior to ARC, the chain of custody may or may not have been preserved for forwarded emails, resulting in legitimate mail being rejected.  With the implementation of ARC,  email forwarded to Office 365 will be more likely to be delivered as DKIM signatures will be preserved.

Seeing the Benefits of ARC

RFC 8617, specifies the ARC standard for inbox providers, but, what does that mean for business senders?  First, you need to adopt the basic email deliverability standards – SPFDKIM and DMARC.  If you have not already read it, MxToolbox has a great guide to setting up these protocols.  Once you have SPF, DKIM and DMARC setup, inbox providers that have adopted ARC will automatically process your email appropriately.  

MxToolbox Delivery Center provides everything you need to manage the on-going maintenance of email delivery.  Learn more about Delivery Center and how we can help you with email deliverability!