Is your Business email Spoof-protected?

Email Spoofing complaints are on rise & common methods adopted by scamsters is to send an email to your users from an anonymous proxy using your own domain.

How Email Spoofing is Identified?

Rediff Entperise Mailing make best efforts to track and block such attempts of spoofing through DKIM. All mails sent using Rediff SMTP are signed using DKIM technique If the mail is intended for internal (same domain) users, then DKIM signature can be verified on receipt & delivered in inbox. Mail failing to verify will be considered as SPOOF

DKIM primarily is useful in identifying spoof of same domain mails as it verifies mails sent by Rediff SMTP However there is a possibility some mails are sent using SMTP of other Service provider. For instance, Your domain is used to send some mails using third party system(SMTP) like Payroll, CRM, Email Marketing, etc. Such emails may not be signed using DKIM.

This could create a problem as Legit Mails will be identified as SPOOF, to avoid same SPF record must be added in your DNS wherein if IP address of such systems will be mentioned. We will check the IP from which the mail is sent & once verified we can be sure that the mail is not spoofed.

What is SPF?

SPF (Sender Policy Framework) is a system to help domain owners specify the IP addresses of servers which are authorized to send mail from their domain. The objective is that your recipient’s mail systems can check to make sure that the server sending email from that domain is authorized to do so. This helps in reducing the chances of email spoofing. Mail servers that accept emails do a SPF check by looking up the SPF record of the sender.

How to add SPF record?

SPF record is a Domain Name Service (DNS) TXT record that specifies which mail servers are permitted to send email on behalf of your domain. SPF is added the same way as a regular A, MX, or CNAME record.

If you do not use any third party system to send emails from your domain, then your SPF record should be as follows: “v=spf1 redirect=_spf.rediffmailpro.com”

If you use any 3rd party system to send emails from your domain, then SPF record should also include the IP or subnet of the machine sending those mails as follows:”v=spf1 ip4: include:_spf.rediffmailpro.com -all”

The IP or subnet will be shared by your other service provider & same is to be included with our SPF records as explained above. This will help to identify legit mails & not categorize them as SPOOF

Button-KnowMore

The POP3 IMAP dilema

Until a decade and a half ago, the post office, the letter box and the postman were an integral part of our communication needs. One would eagerly wait for the sight of a postman carrying your letters in his tiny sack. In today’s world, email has taken over the good old postal mail. Ever wondered how the postal service would manage picking and delivering your letters? Well in a nutshell, they followed a protocol – Postal vans would collect all types of mails from post boxes and deliver them to certain delivery offices. The offices used to sort mails according to their destination addresses or pin codes and ship them to the respective destination post office. At the destination, the mails would be sorted based on local addresses and delivered to the right person. While email has digitized the entire message exchange process, the concept of protocols for exchanging and delivering messages still exists. At the centre of the email ecosystem is the SMTP protocol, which is uses to send your email messages from your phones/computers to your email server. SMTP is also used by the email server to send your message to the mailbox of your recipient’s email server. From there, the recipient’s email client can fetch your email message using either the Internet Message Access Protocol (IMAP) or Post Office Protocol (POP) and put it in their inbox, where they can read it.

Much like the postal department worked behind the scenes and used its own protocols to deliver mails, email protocols such as SMTP, IMAP and POP3 work hard behind the scene and transport mails from desk to desk.

Most email clients can be configured to fetch mails using either POP3 or IMAP. The configuration is a series of steps which involves keying in your email servers address, port number and your account’s user name and password. The POP3 and IMAP setting for rediffmail enterprise are as follows:

Protocol

Server

Port

POP3

pop.rediffmailpro.com

995

IMAP

imap.rediffmailpro.com

993

 

If you have the choice of either POP3 or IMAP, which one should you go for? In order to make a choice, let us look at what each one of them really does.

POP3 works by establishing a connection between the email client (like Outlook, Thunderbird, Apple Mail, etc) and the POP3 mail server. It then downloads the email messages to the client device, and finally terminates the connection. Usually, the downloaded emails are deleted from the email server. POP3 can also be configured to keep a copy on the email server. If the user chooses to delete downloaded messages, then the only copy of the emails are on the user’s device. This can be risky if the user’s device malfunctions or is unavailable when needed. Since emails are stored locally after they have been downloaded from the server, they can be viewed and edited offline, without requiring a permanent internet connection.

IMAP also establishes a connection between the email server and client, but unlike POP3, it maintains this connection throughout the user’s session, not just when emails are downloaded. With IMAP, all messages stay saved on the server after being downloaded by the email client, until the user decides to manually delete them. All changes done to the messages on a particular device like change of state from unread to read, copying/moving email messages to personal folders, flagging messages as important, etc are relayed back to the email server. Any other device connecting to the email server to download messages also gets the email’s last changed state. This means that multiple devices can connect to the same IMAP mailbox, and all have the same access to the same email messages on the server. Like POP3, emails downloaded using IMAP on the user’s device can be viewed and edited offline. Any change in state of the email while offline is relayed to the server when the email client next connects to the email server. It’s worth noting that IMAP does not always store the entire email locally by default. Some clients will keep a few weeks’ worth of email to be accessed offline, but these may be stripped of any images and attachments. With IMAP, there is the risk of being stuck without a connection and no way to access previously downloaded emails.

POP3 makes sense for individuals who access their email from a single machine, whereas IMAP is for those who use multiple devices to access email and desire to have a consistent view of the mailbox across all devices. POP3 is the simpler of the two protocols, and because POP3 routinely deletes mail from the server, it’s generally less of a burden on server resources. Users who are conscious about their mailbox size should choose POP3 over IMAP.  However with storage costs coming down, connectivity ever improving and the benefits of cloud computing, users can choose IMAP over POP3.

IMAP takes the cake with its capability to push new emails to the email clients. If a POP3 client has to automatically make all new mails available, it has to keep polling the email server at regular intervals. Frequent polling is an inefficient use of network and the device’s resources, increasing the cost to the user. Also, with polling, new mail notifications are only as frequent at the polling frequency, and not ‘immediate’. Overall, polling is a poor solution for a user needing immediate notification of new emails. The IMAP protocol supports a command called IDLE.  An IMAP server provides two things in response to a client’s IDLE command:

  1. An answer to the request.
  2. Information on any new messages.

This means that where an email client is actively doing things with an IMAP server, it will be notified immediately about new emails. The email client can then get summary information on the message to present to the user, and can automatically download the email message when appropriate.  The basic network use of the IDLE command is very small, and so it makes very efficient use of bandwidth.