Redtail utilizes multiple security layers and services to protect you and your mailbox from constantly evolving threats. While employing these services allows you and your inbox to be safer than ever, many organizations are unaware of how the actions of their users can leave them vulnerable, even with multiple security features in place. A major example of this is whitelists.
Whitelisting is the process of placing a sender address or domain onto an approved/trustworthy list that enables email sent from that sender/domain to bypass certain email security filtering layers. Ideally, whitelists allow one to ensure senders/domains they know are legitimate to make it into their inbox instead of their quarantine/spam folder. However, whitelisting can lead to many issues if companies are unaware of how easy spoofing domains and email addresses can be, and begin to whitelist their own domain.
For those not familiar with the term "spoofing", it is a common practice utilized by spammers in which they forge an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is possible because the Simple Mail Transfer Protocol (SMTP) does not provide a mechanism for address authentication.
When an organization whitelists their own domain, they are unknowingly allowing spoofed emails to bypass layers of their email security service, giving spammers not only access to the user’s inbox but trusted access, since it appears to be an internal message. This can lead to users falling for phishing emails. This, in turn, opens the organization up to compromising sensitive information, major financial losses, or infecting corporate systems.
As mentioned above, organizations that whitelist their own domain are leaving themselves open to attacks and infiltration. So, what should organizations do to ensure they are safe as well as ensuring all their internal emails are being delivered without disruption?
It is actually not necessary for organizations to whitelist their own domain as email sent internally should be delivered without issue.
Comments