Monthly Archives: January 2022

Super Bowl LVI and Email Security

Super Bowl LVI in California is almost upon us, and for millions of NFL fans around the world, it’s the most exciting time of the year. Unfortunately, it’s also a great opportunity for online and offline fraud. Every year, there is a new announcement of a ticket scam or a fraudulent merchandise.

While Email Security might not be on the minds of fans or businesses preparing for the big game, it should be. Email is still number one vector for starting a hack, cyber attack or online scam. Email is one of the easiest (and cheapest) ways to distribute a message and reach an audience. For legitimate businesses, email is also one of the easiest ways to make a mistake, caught in spam traps and have you message lost. For scammers, this is the opportunity to strike with intricate phishing and spoofing campaigns.

How do Email Settings affect Security?

Email security settings, specifically SPF and DMARC records, are both key to reaching your customers and preventing your brand from being exploited by fraud and phishing attempts.

SPF allows a domain owner to declare what IP addresses are legitimate senders of email for that domain. Inbox Providers check SPF records as part of delivering email that is sent from your domain. Spoofers can easily fake sending email from your domain, but if there servers are not in your SPF records then it will fail the Inbox Provider’s checks. Correct SPF records are therefore a minimum security precaution.

In addition, your domain’s DMARC record can tell an Inbox Provider like Google, Yahoo! or Outlook.com how to treat a particular email. There are three security levels to DMARC:

  • None, meaning accept all email from my domain even if it fails SPF and DKIM checks. This has the lightest level of security for your domain and allows Spoofing and Phishing attempts to make it to your customers’ inboxes.
  • Quarantine, meaning segregate emails that fail SPF and DKIM checks to a separate folder. This means that some email from fraudsters might end up in Spam or Junk.
  • Reject, meaning straight up reject any email that fails SPF and DKIM checks. This has the highest level of protection from fraud and phishing attempts, but may mean that occasionally legitimate email is blocked.

Reject policies are great, but do require regular review of your rejected email. We highly recommend that everyone adopt a “Reject” policy as soon as possible and allocate some time to reviewing rejected email for legitimate content, as well as outbreaks of fraud and phishing attempts thwarted by DMARC.

More information on DMARC tags can be found in our help tools here.

Top Ticket Vendor Domains

If you want to attend the Super Bowl in Inglewood, your best chance for buying a face-value ticket is to be a season ticket holder of an NFL team. If you’re not a season ticket holder, getting tickets will likely require going through 3rd-party sellers and brokers.

Some of the more popular and respected ticket supplier domains include:

While all of these have a minimum security posture of an SPF record, none have a Reject DMARC policy, setting them up for potential exploitation by scammers. Consumers may need to use extra caution when opening and interacting with emails that claim to be from most online Super Bowl ticket suppliers, especially if there are tell-tales of spam.

Let’s look at a few other related online suppliers…

Top NFL Domains Used to Communicate with Fans

Top Hotel Domains Near Stadium

(source: https://hotelguides.com/california/sofi-stadium-ca-hotels.html)

Top Airline and Travel Agent Domains

Opportunities for Improvement

Unfortunately, it appears that many domains are not fully protected by SPF and DMARC records, meaning that consumer safety is up to the Inbox Provider and the consumer themselves. Email hackers and online scammers are ready to take advantage of any companies that aren’t safeguarded against attacks. The Super Bowl is just a single yearly event to exploit, but smaller businesses are also susceptible and less likely to recover. Adopting SPF, DKIM, and DMARC is both critical and inexpensive.

If you are a business owner, now is the time to improve your outbound email security by adopting SPF, DKIM and DMARC. It will improve your email delivery and safeguard your brand against Fraud and Phishing attempts.

If you are a consumer, businesses are slowly adopting DMARC, so until then, keep vigilant about the email you receive!

Microsoft’s 2022 Bug

This week Microsoft announced a bug with Exchange servers that can cause email queueing delays and potentially loss of email. Read more on the specifics here. While it took Microsoft only a few days to issue a workaround and a patch, the issue is the potential downtime and loss of communications that affects your business.

How does this affect you?

If you are running on-premise Microsoft Exchange servers, until you are patched, your servers will queue email. If you send more email than you have disk space on your servers, that email will be lost. Similarly, if you are using a 3rd-party inbox provider that runs on MS Exchange, email service will be disrupted until patched. Depending on disk space on these servers messages could be lost.

Does your business run on email?

If you are like most businesses, you run on email. You probably even take for granted that your email will be delivered within a reasonable amount of time. Issues like this show that email is not infallible and emphasize the need for an expert in email to maintain top email delivery.

How does MxToolbox help?

MxToolbox is the expert in Email Delivery and Email Deliverability. Our team created a complete suite of tools and monitors email delays or failures like this Exchange issue. Here are a few tools that make your life better:

SuperTool (free)

Use the SuperTool to examine individual email configuration issues:

  • MX records – makes sure senders can find your email servers
  • Blacklist status – check the IP addresses in your MX records for Blacklisting which will impact your ability to send email
  • SMTP Check – Check communications with your email server
  • DMARC Lookup – Check the validity of your DMARC setup
  • Header AnalyzerAnalyze incoming email for threats or out-bound emails for DMARC, SPF and DKIM compatibility.
  • Email Health – Run a comprehensive series of checks on the email configuration of your domain. You can run Email Health here.

Each of these tools will allow you to keep an eye on your email configuration when run regularly. You can create a monitor for one of these for free, or, you can upgrade to a monitoring solution that automatically checks your configuration.

Round-trip email monitoring

A part of our Delivery Center suite of tools, Mailflow Monitoring performs a regular, periodic check of end-to-end email flow through your servers. Run every five minutes, Mailflow Monitoring, gives you quick insight into slowdowns in your email systems. In fact, dozens of MxToolbox Mailflow Monitoring customers realized the MS Exchange issue before Microsoft announced it. Our Mailflow Monitoring detected a slow down in their servers and alerted them to the issue, enabling them to clean queues and expand disk space before suffering an email outage. Learn more about Mailflow here.

Regardless of why your business is running an in-house email server, MxToolbox has a suite of tools and products to help you keep your email running smoothly and alert you to potential issues. Check out MxToolbox Delivery Center for all your email deliverability needs.