Skip to main content

Posts

What does this cover?

What does this cover?The program covers the A-Z of technical email management through to reputation management, security and delivery. And once that is done we audit your subscriber practices and campaign practices to implement solutions where necessary. Finally when we are satisfied and everything is done we add a piece of code into the header of your email to notify the receivers. lock Tech set-upImplementing DMARC is one thing but then you are accountable, eliminating the variables is the only way to ensure you don't have any issues. Where is all that "cool App" mail coming from and is that hurting you and can it be routed safely?

Who is your Postmaster?Who is YOUR Postmaster, what is your Phishing Policy, what are the Feedback Loops saying? Even if you get this information what does it mean?

Responsible MarketingHow many campaigns are you sending and how often do you upload a list? Just these simple practices are being penalised every day. Do you incorporate sender best …
Recent posts

What is DMARC Email Authentucation?

Email authentication is not new however the concept can be a little difficult to understand. Especially given the necessity for domain owners to implement the newest of the three authentication protocols,  DMARC the the anti-SPOOF solution.
Let’s start with some key concepts. KEY CONCEPT 1: It has taken since 2013 but it has arrived: Anti-SPOOF authentication (DMARC). The Google’s and Microsoft’s of the world do not want the SPAM and SPOOF plague to continue. Already there has been a 10% drop in SPAM due a number of things but mostly due to the anti-SPOOF (DMARC) adoption. The US Government has mandated and implemented the solution and others are following.
This means that a cascade effect will take place. You see the protocol is designed to allow receivers of email to filter or reject unauthenticated email. This protects recipients from SPOOF Phishing attacks and business email compromise attacks. 
In reverse it helps the domain owner  better control the sources of email that use th…

Email Authentication now in commercial agreements

Franchise Agreements Set To Embrace New Email Standards   Zulu eDM and Haarsma Franchise Lawyers (Haarsma) have collaborated to create the first Franchise Agreement containing references to new email authentication standards. Anti-SPOOF email authentication, known as DMARC (Domain Message Authentication Reporting & Conformance), is already having a far reaching impact on every franchise based business. Due to the adverse effect franchisees can have on the franchise email (domain) reputation, Haarsma has made changes to their Franchise Agreement under the pre-existing Internet Security Clause. The change expressly forbids a Franchisee from using the Franchise email domain from being used in any unauthorised software applications or in any non-compliant manner. Once DMARC is implemented the email domain becomes accountable for the first time meaning, that any non-authenticated email will be treated as malicious and will affect the reputation and likelihood of delivery. In some cas…

ASX 200 - Australia Continues To Disappoint

Australian Big Business continues to let shareholders, their customers and the general public down with only 59 companies having started the DMARC process, an increase of just 14 in 6 months.  The biggest shock came when seeing the Protected figures, just 12 Australian companies on the ASX 200 are protecting their domain from SPOOF and attack. Macquarie and ANZ being the ONLY banks / large financial institutions to appear, "This is an open invitation to cyber criminals to attack customers of the NAB, Commbank Westpac and others" Our CEO David Barnes commented.

The US S&P 500 Up 7%

As part of the Trusted Sender initiative we will continue to monitor the largest companies on various Stock Exchanges.  From the period June - December 2018: US companies that have started the DMARC process is up 7% from 202 to 235 companies. The increase is most likely due to the US Government going live with their reject policy. 64 Companies were found to be protecting us from their domain from being SPOOF'ed however there is a disturbing lack of Financial Industry organizations that appear in this list given US banks were the founding organizations for the initial DMARC project. 

Five Times Safer - Australian Councils Increase Email Authentication

Whilst the Australian Federal Government lags behind it's peers, Australia Local Government has taken up the charge of protecting email users and their constituents by implementing a protected DMARC p=reject policy.
Amongst the 5 now compliant and secured email domains, in May 2018 when surveyed, only 1 of the councils, Narromine City Council, was compliant. Brisbane City Council, had started the process and none of the other remaining 5 councils had a DMARC record.
There has also been an increase in Councils beginning the Anti-SPOOF authentication process from 23 councils to 32, a net increase of 39% but the figure is a long way short of the 537 Councils surveyed.
You can find list of the councils by visiting our Trusted Sender App.

The October 15th 2018 deadline is approaching quickly...

The deadline (October 15th, 2018)  is quickly approaching before email changes forever....

If you were caught by an email scam 3 or more years ago it would have been a hard luck story and just about would have told you to be more careful. 

On October 15th, this year (2018) the US Government will turn on the DMARC p=reject authentication for all inbound emails (a Google search will show plenty of references). But what does that mean and why do we believe this is going to cause tech mayhem?

Let me explain:

1.) For DMARC to work the receiving mail servers must check the inbound mail's DNS for a DMARC record and subsequent instruction. If there is no record the mail passes (based on reputation etc). If there record is set to quarantine or reject then it checks the inbound mail for alignment. If there is no alignment then the mail is either quarantined or rejected.  It is a little more complicated than that however the concept is there.







2.) Mail sent from traditional MX servers have little …

Australian City Councils fail the ultimate test - protecting their community from crime in this case email

Australian Local Government have failed the ultimate test - protecting their community from crime. In this case crime relating to email.

The crime does not need to be isolated to online scams. It could be a council employee email address faked for criminal gain. 

In May 2018, we conducted research into over 570 local government organisations with the following results. 

Only 1 from over 570 surveyed is protecting their community. Narromine Shire Council has taken the necessary steps to prevent their domain from being used by criminals however no council has implemented an Anti-spoof / Phishing policy on their website. (narromine.nsw.gov.au)

One insurer has even referenced the Ipswich email scam which was completely avoidable. Ipswitch city council has not taken any steps to implement the protective measures -a link to check.

Only 24/50 councils have started the process but either stopped or are yet to become safe and trustworthy. Willoughtby City Council have now started the process.

The pr…