It's amazing how many companies don't have their email set up properly.

Welcome • User Guide
ToS • Privacy • Canary
Donate • Bugs • License

©2026 Poal.co

965

•

I start looking at the addresses. Many of them are other small business suppliers that are depending on third-party third-parties like thomasnet, and they haven't touched configs since they day they were set up 15 years ago. Others, like GE, were quite surprising.

Turns out that in almost every case, these companies don't have a DMARC or SPF record set up. In particular, GE has no SPF record which really surprised me. If you can get into GE's mail server, there's nothing stopping you from validating and sending emails - but there's nothing stopping a secure email receiver from saying "I don't think you know who you are, rejected!"

If you're sending email professionally, there's absolutely no excuse to not have this set up. It took me about 30 minutes to do on my own mail service, and most of that was just reading about how to construct the proper record.

I have a friend who acts as a client for beer money at times. He recently changed email services and wound up with someone that runs a tight ship. All of a sudden, clients are calling him saying their emails are being rejected what's up? I start looking at the addresses. Many of them are other small business suppliers that are depending on third-party third-parties like thomasnet, and they haven't touched configs since they day they were set up 15 years ago. Others, like GE, were quite surprising. Turns out that in almost every case, these companies don't have a DMARC or SPF record set up. In particular, GE has no SPF record which really surprised me. If you can get into GE's mail server, there's nothing stopping you from validating and sending emails - but there's nothing stopping a secure email receiver from saying "I don't think you know who you are, rejected!" If you're sending email professionally, there's absolutely no excuse to not have this set up. It took me about 30 minutes to do on my own mail service, and most of that was just reading about how to construct the proper record.

(post is archived)

[–] • 1 pt

And open relays I'm sure.

No whitelist

Same type of company that would rather bgp-blackhole an entire range than actually try to mitigate

link

[–] • 1 pt

I'm sure there are other holes, but my only concern in this case is why the mail is being rejected.

If they've overlooked basic security, you know there are bigger problems elsewhere.

parent
link

[–] • 0 pt

I worked at a place with open relays, and we'd get dinged on security scans for it every time. Reason was though that we had a whitelist. Everything else would just get dropped on the floor with no confirmation whatsoever, kind of like what firewalls do with packets. Tons of outside relays would keep trying to send us bs mail, and we basically just ignored them.

parent
link

[–] • 1 pt

Affirmative action.

link

[–] • 1 pt

or just pay a dollar more and get on 365

link

[–] • 3 pts

Wut? You're kidding right?

parent
link

[–] • 2 pts

Nooooooooooooooooooooooooooooooooooope.

parent
link

/s/TellPoal

created ago

About this sub

This sub is text post only.

If you want to add pics in your post, use https://pic8.co and then paste the short link in the post content.

Post whatever you would like to tell Poal.
Tellpoal is for telling things, not just for posting links
If it’s not telling Poal something, please post it to the appropriate sub
If what you want to say is NSFW, please mark your post as such.
No violating Poal
NO POSTS ENCOURAGING ANYONE TO END THEIR LIFE. Will be referred to site owner and admin for further review.