Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Service provider email implications

1,173 views

Published on

When using external service providers using company email domains for senden messages, you will encounter problems when sending to internal recipients. Solve this issue by using dedicated sub domains for external service providers.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Service provider email implications

  1. 1. Service Provider Email Implications Thomas Stensitzki – MCM, MCT, Blogger
  2. 2. What is a Service Provider External company providing email based services for an enterprise Usually uses an email domain owned by the enterprise customer to obfuscate the service Service provider emails are sent from servers owned by the service provider Examples Email Marketing Services Travel Agencies Cloud based Business Services
  3. 3. Service Provider Email Implications Service provider emails are filtered as spam Service provider emails are not received by internal recipients Service provider emails are identified as being sent from an untrusted source
  4. 4. Using an enterprise primary top level domain Accepted domain: varunagroup.de Service provider sender addresses newsletter@varunagroup.de booking@varunagroup.de user@varunagroup.deExternal recipient Email Gateway Email blocked due to identical sender and recipient domain
  5. 5. Solution A – Single Sub Domain Single sub domain for external service providers email.varunagroup.de Requirement Dedicated mail server hosting sub domain addresses Email address verification only – never used for sending emails Email security One SPF Record containing all service provider SPF references include:spf.nl2go.com include:spf.constantcontact.com Multiple DKIM records in single DNS zone provider1._domainkey.email.varunagroup.de provider2._domainkey.email.varunagroup.de
  6. 6. Solution B – Multiple Sub Domains Dedicated sub domains for external service provides newsletter.varunagroup.de booking.varunagroup.de Requirement Dedicated mail server hosting sub domain addresses Email address verification only – never used for sending emails Email security One SPF Record per sub domain containing the service provider SPF references include:spf.nl2go.com Single DKIM record per DNS zone provider1._domainkey.newsletter.varunagroup.de provider2._domainkey.booking.varunagroup.de
  7. 7. Using an enterprise sub domain Accepted domain: varunagroup.de Service provider sender addresses newsletter@email.varunagroup.de booking@email.varunagroup.de user@varunagroup.deExternal recipient Email Gateway Email accepted due to different sender and recipient domains
  8. 8. Technical Implementation – Example Enterprise Email Server e.g. Exchange Server Sub Domain Email Server e.g. SmarterMail External IP addresses Primary MX Records Reverse DNS Setup Email Security Gateway e.g. NoSpamProxy External IP address Sub Domain MX Records No Reverse DNS Setup Internal DNS Server Top Level/Sub Domain Zones SPF, DKIM External DNS Server Top Level/Sub Domain Zones SPF, DKIM, DMARC
  9. 9. Contact Granikos GmbH & Co. KG Web: https://www.granikos.eu Email: info@granikos.eu Blog: http://blog.granikos.eu Thomas Stensitzki Web: http://www.stensitzki.de Twitter: @Stensitzki Blog: http://JustCantGetEnough.Granikos.eu

×