Case Study

Transforming Email Security with Improved Domain Settings

The Challenge

With the increasing abuse of email by bulk senders, providers like Google and Yahoo began enforcing stricter requirements for proper email domain configuration. These changes are rolling out to all custom email domains, making compliance essential for legitimate businesses.
Our client had a reasonable email domain configuration but wanted to ensure full compliance and enhance their email security to protect against phishing and spoofing attempts.

The Solution

Step 1: Access and Initial Setup

The client granted us access to update their domain's DNS records. We:

  • Added email domain reporting and tracking to their DNS.
  • Enabled data collection to identify and analyze unauthorized email activity.

Step 2: Data Analysis

By reviewing the reporting data, we identified phishing attempts originating from 49 countries, including Afghanistan, Tajikistan, Uzbekistan and Vietnam. Our client was not conducting business in these countries, indicating the presence of malicious actors.

Step 3: Collaboration with SaaS Services

We worked with the client to configure third-party services such as CommonSku and Mailchimp, ensuring they adhered to the updated domain policies based on our findings. This involved:

  • Verifying sender domains.
  • Configuring proper email authentication settings for each service.

The graph highlights the progress made in securing the client's email domain. After enabling DMARC reporting, we observed a high volume of emails failing both SPF and DKIM checks, which prevented us from raising the DMARC policy. By the end of the second week, we adjusted the client's DNS records and configured their SaaS services to ensure proper email authentication. These changes resulted in a sharp drop in emails failing both checks, enabling us to confidently implement a "quarantine" policy to protect the client's domain from phishing and spoofing attempts.

Step 4: Domain Policy Adjustment

Using the data gathered, we updated the domain's DMARC policy to quarantine any emails failing authentication checks. These checks included verifying the sender's domain and ensuring content integrity.
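The check behind Steps 2 to 4 can be run directly on a DMARC aggregate report. The following is an added example, not RefineEmail's tooling: it tallies messages failing both SPF and DKIM and separates the domain's own senders from unknown sources. The sample report, the IP addresses and the KNOWN_SENDERS inventory are constructed assumptions, and the report is assumed to use the un-namespaced RFC 7489 layout.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the RFC 7489 aggregate-report layout; domain and IPs
# are documentation values, not data from the case study.
SAMPLE_REPORT = """<feedback>
  <policy_published><domain>example.com</domain><p>none</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
    <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated>
  </row></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>40</count>
    <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated>
  </row></record>
  <record><row><source_ip>203.0.113.99</source_ip><count>15</count>
    <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated>
  </row></record>
  <record><row><source_ip>192.0.2.25</source_ip><count>30</count>
    <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>pass</spf></policy_evaluated>
  </row></record>
</feedback>"""

# Hypothetical inventory of the IPs the domain's own mail services send from.
KNOWN_SENDERS = {"192.0.2.10": "mail server", "198.51.100.7": "marketing SaaS",
                 "192.0.2.25": "order SaaS"}

def summarize(xml_text, known=KNOWN_SENDERS):
    """Tally messages failing both aligned SPF and DKIM, split by sender type."""
    total, own_failing, unknown_failing = 0, Counter(), Counter()
    for row in ET.fromstring(xml_text).iter("row"):
        ip = row.findtext("source_ip", "").strip()
        count = int(row.findtext("count", "0"))
        dkim = row.findtext("policy_evaluated/dkim", "fail").strip().lower()
        spf = row.findtext("policy_evaluated/spf", "fail").strip().lower()
        total += count
        if dkim != "pass" and spf != "pass":  # DMARC fails only when both fail
            (own_failing if ip in known else unknown_failing)[ip] += count
    return {"total": total, "own_failing": own_failing,
            "unknown_failing": unknown_failing}

def safe_to_quarantine(summary):
    """Raising p=none to p=quarantine is safe once no known sender fails."""
    return not summary["own_failing"]

if __name__ == "__main__":
    s = summarize(SAMPLE_REPORT)
    for ip, n in s["own_failing"].items():
        print(f"fix before enforcing: {ip} ({KNOWN_SENDERS[ip]}) {n} msgs failing")
    print("unknown sources failing:", dict(s["unknown_failing"]))
    print("safe to quarantine:", safe_to_quarantine(s))
```

Messages counted under unknown_failing are the ones a quarantine policy is meant to catch; entries under own_failing point to a service whose SPF or DKIM setup still needs correcting before enforcement.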

The Outcome

  • Significant Reduction in Phishing Attempts: Phishing and email spoofing attempts dropped to nearly zero.
  • Improved Deliverability: All legitimate emails now reliably land in recipients' inboxes.
  • Ongoing Monitoring: We continue to monitor the domain's email activity, providing alerts and working with the client to make necessary adjustments as new threats arise.

Conclusion

This success story highlights how proactive email domain management and DMARC configuration can protect businesses from phishing while ensuring seamless communication. By partnering with RefineEmail, businesses can secure their email domains and maintain trust with their customers.
