DMARC shows a lot of source_ips sending emails on my behalf - is that a concern?

LearningTechAndDev

I told a friend who owns a small math tutoring business that I want to learn more about how to improve email deliverability. He said I could use his Google Workspace to practice my knowledge. Let's say for now his domain is friendbusiness.com.

The business sends emails only from their Google Workspace Gmail accounts. Hence, they have MX records based on instructions from Google. It looks like SPF and DKIM are set up properly as well, as per Google's instructions. The SPF includes only Google's SMTP server; it doesn't mention any other authorized sender. This has all been working fine for about a year now.

My friend added me to an email group and now I get DMARC reports every day.

A lot of those reports show failed or quarantined emails. The reports often show source_ips with IP addresses that we don't own and are not Google servers.

When I use websites to look at the reputation of these IP addresses, they are often blacklisted, flagged for malicious activity or flagged for phishing activities.

I'd imagine there are a bunch of spammers who set up web servers and attempt email spoofing or simply send out a lot of spam emails with a From: [email protected] as the reply field.

So I guess my questions are:

- Do I need to concern myself with all those DMARC reports showing failed deliveries from spam servers? What do other IT administrators do about this?

- I don't see my friend's domain friendbusiness.com being on any blacklists. If spammers continue their spoofing activities as per above, will that eventually cause harm to friendbusiness.com?
 


> Do I need to concern myself with all those DMARC reports showing failed deliveries from spam servers? What do other IT administrators do about this?

Only if you think there are mails from valid sources being delivered to spam or being quarantined or dropped.
> I don't see my friend's domain friendbusiness.com being on any blacklists. If spammers continue their spoofing activities as per above, will that eventually cause harm to friendbusiness.com?

Most mail servers check for SPF records, DKIM signatures and for DMARC records (to check the domain owner's policy), so all mail that is not sent from a host in the SPF record will either be dropped/quarantined or delivered to spam. It's usually the sending mail servers that get blacklisted if they get caught sending spam in bulk, not the From domain, unless maybe it's a well-known domain spammers use for sending out their spam.
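
The triage the reply describes (worry only when valid sources fail), as an added example that is not part of the thread: it sorts the rows of a DMARC aggregate report into passing mail, failures from unknown source_ips, and failures from the domain's own senders. The report is constructed, and `EXPECTED_SENDERS` is a placeholder network standing in for the ranges the domain's SPF record authorizes.

```python
import ipaddress
import xml.etree.ElementTree as ET
from collections import Counter

# Assumption: placeholder (documentation range) standing in for the networks
# the domain's SPF record resolves to; these are not real Google ranges.
EXPECTED_SENDERS = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed aggregate report (RFC 7489 layout), trimmed to the fields used.
SAMPLE_REPORT = """<feedback>
 <policy_published><domain>friendbusiness.com</domain><p>quarantine</p></policy_published>
 <record><row><source_ip>192.0.2.10</source_ip><count>40</count>
  <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
 <record><row><source_ip>203.0.113.7</source_ip><count>15</count>
  <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
 <record><row><source_ip>192.0.2.25</source_ip><count>3</count>
  <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""

def triage(report_xml, expected=EXPECTED_SENDERS):
    """Return (message counts per bucket, sorted IPs that need a closer look)."""
    counts, investigate = Counter(), set()
    # "{*}" matches the tag with or without an XML namespace (Python 3.8+),
    # since some reporters declare one and others do not.
    for row in ET.fromstring(report_xml).findall(".//{*}row"):
        ip = ipaddress.ip_address(row.findtext("{*}source_ip").strip())
        n = int(row.findtext("{*}count"))
        ev = row.find("{*}policy_evaluated")
        # DMARC passes when either aligned DKIM or aligned SPF passed.
        if "pass" in (ev.findtext("{*}dkim"), ev.findtext("{*}spf")):
            counts["pass"] += n
        elif any(ip in net for net in expected):
            # One of our own senders failed both checks: legitimate mail is at risk.
            counts["investigate"] += n
            investigate.add(str(ip))
        else:
            # Unknown source failing DMARC: the published policy is doing its job.
            counts["unauthorized"] += n
    return dict(counts), sorted(investigate)

if __name__ == "__main__":
    print(triage(SAMPLE_REPORT))
```

Only the `investigate` bucket calls for action; a growing `unauthorized` count from unknown source_ips is the expected result of receivers enforcing the domain's policy.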
 
