Category Archives: Google Apps

Check here for news regarding our partnership with Google Apps. This will include Google Updates, Release Notes and more!

Google expands support for BIMI: Is it time to dive in?

Google recently rolled out additional support for BIMI through their Gmail.com webmail application and mobile apps.  Since Google is one of the largest Inbox Providers in the world, this should be an exciting step forward for BIMI and for Marketers wanting to reach potential customers.  (For more information on BIMI, click here.)

Google’s Implementation

On Gmail.com and Google mobile applications, users will see a checkmark and BIMI logo next to an opened email as in the image below.  In addition, Google mobile applications will display the logo next to the sender in the Inbox view by the subject line.  BIMI logos should lead to an uptick in Open Rates and Click-through Rates because of additional confidence in the “certified” origins of these emails.

In order to have your logo displayed, Google requires you to:

  1. Setup SPF, DKIM and DMARC
  2. Have a DMARC Policy set to 100% Reject for email failing DMARC
  3. Generate and post a correct BIMI logo
  4. Have a Verified Mark Certificate (VMC)

The first two steps will dramatically improve a sender’s email delivery and email reputation.  Adopting DMARC gives Inbox Providers more assurance that your email is legitimate and not spam, while a strict DMARC policy prevents your email domain from being used in phishing and fraud attacks.  A VMC is designed to protect both Google and your brand by certifying the owner of the logo and domain.  Unfortunately, a VMC costs roughly $1100-$1500 annually per Email Sending Domain, which makes it expensive for many small businesses.

What other Inbox Providers support BIMI?

The BIMI working group has a list of all current Inbox Providers that support BIMI.  The good news is that big, global Inbox Providers like Apple, Yahoo!, and now, Google support BIMI as do several smaller or local providers like Fastmail and LaPoste.  This list appears to be growing.

Unfortunately, consistent logo display is an issue.  Many Inbox Providers only have partial support for BIMI or support different rules for displaying BIMI logos online vs via mobile applications.  In addition, many providers do not support BIMI logos in the Inbox view, where most people make the decision on whether or not to open the email.  This reduces the impact to Open Rates and subsequent downstream effects, like Click-through rates and Sales.  

MxToolbox Expert Take

Increased support for BIMI is a great sign for the technology.  After over four years of moving glacially forward, we’re hopeful that this will increase the pace of BIMI adoption.  To a Marketer, the idea of having your logo proudly displayed next to your verified email in the Inbox both increases the chance of the recipient opening the email and improves the reputation of the brand. 

There are Drawbacks

However, the current level of support does not entirely live up to that promise: few Inbox Providers display the logo in the Inbox where Open Rates will be affected. In addition, the extra expense associated with a Verified Mark Certificate might be considered burdensome for many small businesses, leaving gains to the larger businesses and brands.  While the extra security from a VMC is like that of an SSL certificate for ecommerce, the additional value BIMI provides may not be there for every brand yet.  

There are Alternatives

Finally, both Google and Microsoft already have other ways to display user images or logos in the message view of an individual email.  If the sender is a Google Workspace user, their preferred image will be displayed in the same spot as the BIMI logo.  Microsoft offers Microsoft Business Profile program to create a unique identifier card. Office Web Apps in Office 365 and Outlook.com use the verified icon provided to Microsoft when a company joins the program.  A savvy marketer might be able to get much of the BIMI effect from these alternatives.

MxToolbox Recommendation

Focus on the basics of Email Delivery: Technologies like SPF, DKIM and DMARC, and Best Practices in email list management and content relevance. Once your DMARC configuration is really set, then think about icing the cake with BIMI.  To get started with BIMI, check out our Knowledge Base and free BIMI Lookup tool.

Adopting DMARC and getting DMARC to a strict policy is imperative for good email delivery and adopting BIMI. Get started today with MxToolbox Delivery Center.

Google to Fully Support BIMI

This week, Google finally announced the roll-out of BIMI across all Gmail inboxes. This is great news for email delivery and email security. BIMI will give recipients more confidence in the email they receive and force senders to adopt new technologies to make email more secure.

What is BIMI?

BIMI or Brand Indicators for Message Identification, is a DNS-based email technology that allows a company to post a logo for use by inbox providers. Inbox providers, like, Google, Yahoo! and Outlook/Office365.com, can show this logo to their customers next to certified messages from that company. If the email is not compliant with DMARC, then the logo does not show. Since it’s certified by being DMARC-compliant, your customers will know that the message is really from you and you will get your logo out in front of more customers and prospects!

How do I get BIMI?

BIMI requires DMARC. Before you can get your logo to appear in Google’s inbox, you first need to get your email fully DMARC compliant and then move to strict DMARC policies. Becoming DMARC compliant isn’t easy: you need to understand who is sending email on your behalf, have them properly configured with both SPF and DKIM and regularly monitor DMARC delivery reports to understand your DMARC compliance.

Once you have your verified sources of email fully DMARC compliant, you can start moving toward stricter “Quarantine” or “Reject” policies with your DMARC configuration. Once you set DMARC policy to “100% Reject” for non-compliant email, BIMI-compliant inbox providers will start appending your logo to email from your domain.

MxToolbox is your Expert for DMARC and BIMI

To maintain the highest levels of email deliverability using DMARC, businesses like yours need a proven Email Delivery management system like MxToolbox Delivery Center.  Delivery Center provides you with valuable insight into your email delivery posture and the ongoing maintenance necessary to maintain peak performance:

  • Manage SPF, DKIM, and DMARC (and BIMI) to improve compliance and reduce the threat of fraud and phishing using your domain.
  • Review daily volume and SPF, DKIM, and DMARC compliance rates to ensure the best email deliverability.
  • Implement Feedback Loops to gain unique information on how your recipients view your emails and when they mark you as spam.
  • Gradually move your DMARC policy to Reject to enable better inbox placement opportunities and reduce the risk of Phishing and Fraud using your domain.
  • Manage the on-going requirements of maintaining high levels of email deliverability

Search Gmail logs in the administrator control panel

Leave a reply

This is very exciting news!

What happened to an inbound or outbound message? Was a message sent to my domain and marked as spam? Which users sent or received a specific message? Starting today, domain admins can get answers to these and other such questions using Gmail log search. This feature is now available in the administrator control panel.

See Finding messages with email log search for steps on using the email log tool located within the Reports tab. See Viewing message details for a description of the output. Finally, see Interpreting message details for recommendations on using log search results to investigate delivery issues.

Guidelines

When using email log search, keep in mind these limitations and conditions:

  • Only super administrators have access to email log search.
  • Resellers do not have access to the email log search feature for a resold domain when accessing its control panel via the reseller console.
  • Messages may take up to an hour after being sent or received to appear in the email log search database.
  • Only messages from the past 30 days can be retrieved via search.
  • The maximum date range for queries is a seven-day period.
  • Log times are shown in the administrator’s own time zone.
  • Mail sent to a Google Group or other mailing list doesn’t appear unless a Google Apps user is a member of that group and a recipient of the message.
  • Focused queries are faster and recommended. For instance, a specific message ID query may take a few seconds to return results while more generic queries without a message ID may take dozens of seconds to complete.
  • Search values must be complete. No partial matches or wild cards are supported.
  • Although the subject is shown in search results, messages cannot be queried by subject.
  • Only one sender or recipient can be entered in a query. Multiple entries are not supported.

For more information:
http://support.google.com/a/bin/answer.py?hl=en&answer=2604578

Asset Management Real Estate Chooses Google Apps with MxToolBox Support to Reduce Infrastructure Costs

Leave a reply

Collaborated by Chad James and Phil Palm, IT Manager

Asset Management Real Estate, LLC (AMRE) is a highly experienced brokerage firm with thirty years experience in managing large scale real estate operations across the US in numerous business markets. They currently have approximately forty employees operating out of multiple office locations. In October of 2011, after extensive problems with the incumbent email host, they made the decision to implement Google Apps for Business with the support of MxToolBox; Email Systems Integrator and Google Apps Authorized Reseller.

AMRE came to MxToolBox after reports from clients that they weren’t receiving emails and weeks of receiving little to no support from their existing provider. AMRE chose Google Apps for a number of reasons including web-based email with enhanced security, deliverability, shared documents, and de-centralized remote access for mobile users.

Our provider pointed us in the direction of MxToolBox for help. We were currently investigating implementing our own internal Exchange Server or moving to a Hosted Exchange platform. However, given the initial hardware and software costs that were associated with purchasing our own server, and after one conversation with MxToolBox, we knew that Google Apps with MxToolBox Support was the answer. They had the knowledge and expertise in email delivery that we needed and extensive experience implementing Google Apps for small businesses with a strong emphasis on resolving blacklist problems.

One feature that we are very pleased with is Google Documents. With this feature, we are able to share documents both across our company and with external clients and not worry about backups or excessive security rights.  This simple-to-use feature has streamlined our operations considerably, and has greatly reduced stress when working with other businesses or clients who don’t have the same features available to them. We like the internet access and ‘Cloud-Based’ options which provide outstanding support.

Google Voice has also given us an added benefit. Calls to our office phone system can be forwarded to Google Voice accounts, and then voicemails received can be accessed by email accounts.  This helps our mobile workforce to receive their voicemails wherever they are, and provides an accurate trail for assistance. The voicemails can be forwarded on to other workers or clients, and an action trail can be established. This feature is something that businesses like ours did not have two years ago at this time, so this puts us ahead of others in this regard.

Implementing Google Apps can offer a tremendous savings versus installing and maintaining your own servers; both from a hardware and software licensing standpoint and in the time and energy it takes to manage that infrastructure. The native features as well as the new changes and improvements that come on a near weekly basis alone are worth the investment, plus you never have to pay for those additions. With MxToolBox providing email expertise and support, you can rest assured that the answers to your questions and the solution to your problems are just a phone call away!

The Ivy Group, Ltd. Moves to Google Apps with MxToolBox; Eliminating Internal Hardware Headaches.

Leave a reply

Collaborated by Chad James & Bobby Pearson, Ivy Group IT Administrator

The Ivy Group, Ltd. is a full-service marketing consultancy firm specializing in research, strategy, branding, web design, print, communications, and visual media, servicing customers nationwide since 1989. With teams working out of two offices, reliable email and prompt, responsive communication tools are critical. In October of 2011, after facing a number of problems with server availability and storage problems due to other applications on the server and, for the most part, a lackadaisical approach to data security, they made the decision to transition from an in-house Exchange 2003 SBS environment to Google Apps for Business with the support of MxToolBox, a US-based Google Apps Authorized reseller and Email Systems Integrator.

The Ivy Group came to MxToolBox with outbound delivery problems resulting from a blacklisted server address. As it happens, several employees were already lobbying for the move to Google Apps based on the uptime, mobile support, and universal accessibility and preferred the Gmail interface to that of Outlook or Outlook Web Access. Additionally, with few to no spam filters in place, many users would spend upwards to half an hour a day just sifting through spam. Look what Bobby Pearson, IT Manager at Ivy Group, had to say:

After reviewing the pros & cons about other providers and alternatives including upgrading our existing Exchange Server, we determined that Google Apps was the best choice with MxToolBox providing support. We chose to work with MxToolBox because they run an amazing website tool for DNS diagnostics and blacklist lookups and helped shed light on our email delivery problems when no one else could. When it came time to start the move, MxToolBox helped make the ordering and implementation process fast and efficient and fit within our 1-week rollout time.

The cost of moving to Google Apps presents a tremendous cost-advantage over the support time, potential downtime, and the headaches of managing Exchange internally. As Bobby noted, Terminating the Exchange services has freed up our server’s resources and it no longer freezes or stalls. Almost every employee now uses the Gmail web interface exclusively; they love the mobile accessibility, response time, and searchability and most of us use Google Chat on a daily basis to communicate about our projects. The conversation strings help track previous correspondence, and we no longer have annoying email delays for security purposes.”

Although we each have an area of specialization, we work interdependently as a team on all projects, and Google Apps provides tools for more streamlined communications across our organization without costly infrastructure or training. Moving to Google Apps was definitely the best decision for our business!

Postini Integrated Service: Transition to Google Apps Email Security

Leave a reply

If you haven’t heard, Google Apps is phasing out the Postini Integrated services. You may have already received a notice from Google that your Postini / Google Message Security (GMS) Integrated settings are being dissolved. These legacy Postini features have been integrated into Google Apps and a few steps need to be taken to transition to the new Google Apps Email Security. If you haven’t received a notice from Google yet, be patient as they are doing this transition in phases. You will not have access to the transition tab in Postini until Google has alerted you.

All Postini GMS Integrated customers (Message Security for Google Apps) will be transitioned by the end of the second quarter of 2012. These customers will have access to the improved email security settings in the Google Apps control panel, including:
Content compliance
Objectionable content
Append footers
Approved sender lists
Blocked sender lists
Attachment compliance
Restrict email delivery

Customers using Postini archiving (Google Message Discovery), Google Message Encryption, or Policy TLS are not being transitioned at this time. For more details, go here. If you have any questions during your transition, see the Technical FAQs in this Transition Guide. To help you prepare for your transition, see the General FAQs.

NOTE: If your email is already flowing directly to Google Apps (i.e., your MX records point directly to Google Apps rather than to Postini), then no action is required on your part.

NOTE: The most visible change to an end user will be the loss of the Postini Quarantine Summary and Postini Message Center for spam management. Spam will now be managed by Gmail’s spam settings and users will access their spam messages directly in their Spam folder in Gmail. To begin transitioning to Google Apps Email Security, we recommend following the four steps outlined in the Postini Transition to Google Apps Email Security: Administration Guide .

As a Google Apps Authorized Reseller we are happy to assist or answer any questions about these changes, please reach out to us at sales@mxtoolbox.com.

Google Apps Email Security (Postini Standalone Filtering)

Leave a reply

In addition to your Google Apps Premier account you can enable Postini Standalone Filtering for greater spam fighting control. From the Google Apps control panel, you can configure Email settings for each organization in your domain. For example, you can set up multiple Content compliance and Objectionable content settings, and tailor these settings for a specific organization or sub-organization.

To add an email setting for an organization:

  1. Sign in to the Google Apps control panel at https://www.google.com/a/cpanel/domain.com
  2. Then enter your username and password to open the control panel.
  3. From the menu at the top of the page, select the Settings tab.
  4. From the left-navigation menu, click Email.
  5. From the Email settings page, click Filters.
  6. In the Organizations section near the top of the page, highlight the organization for which you want to add settings.
  7. To create a new setting, click the Add Setting button near the right edge of the window (the Add setting dialog box opens).
  8. Click the type of setting in the left navigation menu of the dialog box — for example, Objectionable content or Content compliance.
  9. For detailed instructions on adding specific types of settings, see the following:

    Content compliance
     Objectionable content
    Append footers
    Approved sender lists
    Blocked sender lists
    Attachment compliance
    Restrict email delivery

  10.  When you are finished making changes, click Add Setting.Note: Any settings you add or edit will be highlighted in yellow-orange on the Email settings page.
  11. Click Save changes at the bottom of the Email settings page.

Additional Resources
What’s the difference between Postini integrated and standalone?
Postini Transition to Google Apps Email Security: Administration Guide

Temporary relocation of the ‘Manage this domain’ link for Administrators in Google Apps Gmail

Leave a reply

from Google Apps:

UPDATED 11/3: If an administrator account switches to Gmail’s new look, the ‘Manage this domain’ link moves from its current location, to the Settings gear menu in the upper right of the Gmail inbox. More Details.

Google Apps administrators have a link available in their Gmail inbox which allows them to easily access their administrator control panel. This link is an alternative to logging in at http://www.google.com/a/yourdomain.com where yourdomain.com is the name of the admin’s domain.

This ‘Manage this domain’ link is temporarily moving from its current location at the top right of the inbox, to the bottom right corner of the inbox, just underneath ‘Last account activity’. This relocation is related to the new look being rolled out to Google Apps services and we’ll provide more updates on its final location when available.

Release track:
Rapid*

Editions included:
Google Apps, Google Apps for Business, Government and Education

Languages included:
All languages supported by Gmail

How to access what’s new:
In an administrator’s Gmail inbox, scroll down and the ‘Manage this domain’ link is now located on the bottom right side.

For more information:
http://whatsnew.googleapps.com/new-look
http://learn.googleapps.com/new-look

Spam and Virus Trends from Google Postini

Leave a reply

Editor’s note: The spam data cited in this post is drawn from the network of Google email security and archiving services, powered by Postini, which processes more than 3 billion email connections per day in the course of providing email security to more than 50,000 businesses and 18 million business users.

In 2009, the security community started seeing diminishing returns from the takedown of malicious ISPs. After the ISP 3FN was taken down, spam levels rebounded in less than a month, and after Real Host went down, spam volumes recovered after only two days. In response, the anti-spam community turned its attention toward taking botnets offline instead.

Toward the end of 2009, Mega-D, a top-10 botnet – responsible for infecting more than 250,000 computers worldwide – was severely crippled through a carefully orchestrated campaign designed to isolate the command-and-control servers spammers were using to support the botnet. In early 2010, security professionals, along with government agencies, successfully mounted a campaign against several more targets: major botnets such as Waledac, Mariposa, and Zeus were either shut down or had their operations significantly curtailed.

However, this recent spate of botnet takedowns has not had a dramatic impact on spam levels. Although spam and virus levels did fall below Q4’09 highs, reports from Google’s global analytics show that spam levels held relatively steady over the course of Q1’10.

This suggests that there’s no shortage of botnets out there for spammers to use. If one botnet goes offline, spammers simply buy, rent, or deploy another, making it difficult for the anti-spam community to make significant inroads in the fight against spam with individual botnet takedowns.

Spam by the numbers
Overall, spam volume fell 12% from Q4’09 to Q1’10, which follows a trend of quarterly decreases in overall spam levels that started after the surge in Q2’09. This may be attributed to some of the recent takedowns, but spam volume was still 6% higher this quarter than it was during the same period in 2009, and spam volume as a percentage of total email messages is holding steady.

Recently, our data centers showed a 30% increase in the size of individual spam messages (measured in bytes) that occurred toward the end of March, as shown below.

This spike points to a resurgence of image spam, similar to what we reported in Q2’09. This is likely due to the fact that reusing image templates makes it easier and faster for spammers to start new campaigns.

As always, spammers tend to make use of predictable topics – cheap pharmaceuticals, celebrity gossip, breaking news – to encourage user clicks. In January, spammers hastened to exploit the Haiti earthquake crisis, sending pleas for donations that appeared to have been sent by reputable charitable organizations, politicians, and celebrities.

The frequency and variety of post-earthquake spam illustrates an unpleasant reality: spammers will exploit any means – even tragedies – to accomplish their objectives.

Virus levels fall after Q4’09 surge
During 2009, spam with attached viruses increased tenfold, with levels rising from 0.3% of total spam in the first half of the year to 3.7% in the second. Postini filters blocked more than 100 million virus-bearing messages per day during the worst of the attack.

Since then, spam with attached viruses leveled off to around 1.1% in Q1’10, and dropped as low as 0.7% in March. It’s good news that virus levels are currently trending down – but Q1’10 levels are still 12-fold higher than they were in Q1’09.

In fact, this virus surge may be part of the reason that there hasn’t been a significant impact on spam volume after the recent takedown of major botnets. With a host of new machines now infected and part of a botnet, it is unlikely that there would be a dip in spam proliferation.

Benefits of security in the cloud
Although the botnets that distribute spam are mindless drones, the spammers that take advantage of these botnets are a highly active and adaptable group. This is evidenced by the varied techniques and tactics that they employ in an ongoing effort to evade spam filters and deliver messages to their targets.

2010 is likely to see more botnets taken offline, but the question remains – will that have a long-term impact on spam volumes overall? So far in 2010, the effect has been limited, and the security community may begin to turn to other tactics that yield a more substantial impact on global spam volumes.

As long as the threat is there, however, Google is committed to using the power of the cloud to protect your enterprise from spam and viruses. Outsourcing message security to Google enables you to leverage our technical expertise and massive infrastructure to keep spammers from your inbox.

For more details on Google Apps and all of the protection it includes, go here.

Google Announces New Message Log Search for Google Apps Premier and Postini

2 Replies

Google announced a few months ago that they would be releasing a new function for searching Message Logs. Last week it was officially released and has been widely accepeted by all system administrators. The Message Log Search is available for Google Apps Premier and Postini administrators on Systems 5, 6, 7, 8, 9 and 200.

The Postini Message Log Search provides visibility into how your messages are processed, filtered and delivered, and insight in the traffic patterns for your domain. The message security service captures information about your messages as they’re processed, and this information is stored in a log. You can use Message Log Search to run searches on this data using a variety of criteria and queries. You can then view search results and details about groups or individual messages.

With Message Log Search, you can track what happened to an inbound or outbound message — whether it was delivered, quarantined, archived, encrypted, or other disposition — and see if the message triggered a specific filter. Log Search also enables you to track all messages for a specific sender, recipient, domain, or IP address.

About Message Log Data

The message security service stores information about your messages in a log, such as the message header and how the message was processed, but does not store the actual messages. If you want to save search results for later analysis, you can export a .csv file.

Important: The Log Search data is managed and stored securely in Google datacenters located in the United States (for customers on Systems 5, 6, 7, 8, 9) and the European Union (for customers on System 200).

For more information about the log data storage in Google datacenters, and how to opt out of the Log Search feature, please see the Message Log Feature Data FAQ.