• Kidplayer_666@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    That is absolutely unreasonable, as the email files don’t actually tell you who the sender is beyond the domain from where it’s sent. The email protocol is SUPER unsafe and really really easy to spoof as someone from the big three

    • archomrade [he/him]@midwest.social
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      My understanding is that it's a combination of correctly deploying authentication (DMARC, DKIM, and SPF) and the actual IP address of the server that can get you into trouble. If you incorrectly set up authentication, OR if a malicious sender spoofs you (likely because you didn't set up auth correctly), it can get your IP blocklisted. And unless you're monitoring if you're blocklisted, you often don't know that things aren't getting delivered until someone tells you.

      And then you're still kind of at the whim of the big players, because they could change or update their authentication standards, and if you're not on top of it you can find yourself in the same boat, even if you're doing everything else right.

      It's not impossible, it's just a headache. But if i'm being honest, i'm a bit of a novice so it could be easier to a more trained network administrator.