DMARC, SPF and DKIM: What and Why?

The short answer is email security delivery and spam prevention which are related in many ways. Do not ignore these seemingly boring acronyms: DKIM and SPF. They help us assess whether we can trust emails.

What is the problem?

Opening every email is a risk. You need to trust emails you open. You need recipients to trust the ones you send.

One way to reduce that risk is to know who has sent it and assess whether or not we trust them. So how do we know who the sender is? Not by the sender name, that is for sure. Something purporting to come from a large trustworthy company, perhaps? Nat West bank or “SCREWFIX” (i.e. the tools and materials retailer) might mail you about your account or a competition. It may have come from from a different email domain if you click into it. SCREWFIX<dhlkjlj@zxyildgt .ru> is an example where you can see the “friendly name” “SCREWFIX” is completely different to the email domain name (the bit after the@-sign). See if you can spot this in the email below received as I looked for examples whilst writing this.

So people send emails “spoofing” that they are someone else. Much spam is probably going out from your company name right now and causing damage to your reputation. This happens to every company after a while. So, how can we be even more sure of the sender?

How do you check a sender?

Where does this email come from?

Each server on the internet has a unique “IP” address to identify it. The IP address of the server where the mail originated provides a little more assurance. You can see the IP where an email originated (and all the servers it went through before getting to your email inbox by looking in the email “headers”. Different mail programs hide this in different places but you should be able to google where it is. It is a bit like the postmark on an envelope. If it says it was posted in Leeds, and your sender lives in Leeds, you can have a bit more confidence. If it says it comes from Santa Claus and the postmark says “North Pole” any grown up knows post marks can be forged. Regrettably, an IP can be spoofed in the same way. However, there are a couple of major problems even if the IP address of the sender is completely genuine. How do you know if it is the IP of the sender or just some other IP? The answer is SPF (Spam Protection Framework).

The SPF standard allows email domain owners to say: “Email from my domain may only come from the server with this IP address and any other IP addresses should not be trusted.” That is really helpful because even if you do not go comparing the IP address from which the email originated and the IP address(es) that the domain owner has configured, the mail relays will do so. It is relatively easy for them to compare the two and many will block mails that do not comply before you receive them. Now turn it around the other way. If you do not set this up for your email domain, more and more servers will block your emails and people will not receive them. I.e., you will have a “deliverability issue”.

To add your valid originating IPs for your company, you need to add the details to the “SPF record”. This is done in the DNS control panel for your domain. The task requires technical knowledge. Do not attempt DNS changes unless you understand how it all works. Call your ISP or hosting company to ask their advice. Also, you should make sure you (or a technical manager you trust) know the access credentials for the DNS for any domain in your business so you can make changes when required.

What, When and Who are valid for this email?

Experts soon saw that the above weaknesses in SPF needed to be addressed. A new method was needed. There had to be some way machines could trust an encrypted key mechanism to see if the email was genuinely:

  • sent at that date and time
  • from that email address (sender)
  • to that/those email addresses (recipients)
  • Subject line.

This is accomplished by DKIM (Domain Keys Identification Method) whch was designed to address the problem. You need to make sure you have this set up correctly for any servers you authorise to send your email. You need to make sure your incoming email servers check it, too.

The way it works is that the email server generates an encrypted string (2048 bit is acceptable at time of writing) which encodes the above facts as the email is sent. When any mail “relay” server receives it, it can check this against a 2048 bit DKIM key that is shown publicly on the domain. If the two “fit” together, the email is passed along. If not, some other action ranging from nothing to an alert to blocking (or even deleting) takes place. Because of the challenging rise in spam and dangerous emails, the servers and mail applications are getting increasingly strict.

Once again, to set this up, you need a DNS skilled professional. The whole process should be less than half-an-hour including checking with a tool like MXToolox.com or demarcian.com. It may seem expensive and complicated but “doing nothing” is will probably come with a cost! Your business emails will get blocked and become more and more undeliverable.

You may hear about another Acronym: DMARC. (Domain-based Message Authentication, Reporting and Conformance) This is a way that email management professinals configure their servers to react to the SPF and DKIM data associated with the emails. Basically, the rules as to whether it is fine, marked a spam or so dangerous it needs to e deleted. Different professinals take different views. However, the large organisations that move the most email traffic also getting stricter. So you need to be verified byut them also or your email will be rerouted or deleted if not properly configured to prove you are who you say you are.

Verification records

In addition to the above internationally accepted DMARC standards, the major email traffic players have their own additional verification checks. If you or your clients or staff or any other stakeholders or consumers have gmail addresses or other google mail services such as G-Suite, You will need Google Verification. Ask your tech person to click here and follow the process for Google Verification. There are similar processes for other mail relay providers including Apple and Microsoft.

Some further reading

You may also wish to read this article from AccountingWeb which explains it in easy-to-understand lay terms.

Support

If you are experiencing deliverability issues sending mail from your AXLR8 system, please contact Support by email or call. We will review all of the above with you.

New Finance Broker Portal User Experience

Thanks to the commercial finance intermediary clients and their teams who have helped us develop and improve this new look and feel. We hope you feel we acted on your feedback and you like the results. If your organisation has not switched your user account over to it yet, here is a video showing how it works.

AXLR8 Commercial Finance Systems
Easy to use and improves productivity

AXLR8 has been working for two years on a new set of portal development tools to create user experience (UX) – simple workflow systems that are easy to use. We have deployed them on modules of our other systems before but this is the first full systems refresh to come all the way through a year of broker feedback.

In addition to improving productivity, the new user interfaces we hope the systems are

  • easy to use
  • simple to understand
  • quick to learn (virtually no training is our goal)
  • flexible to change and evolve for your company
  • easy to pick up again after a break
  • friendly
  • secure and quick

Please judge for yourself. Watch this video.

The new interface development tools are proven in many of our systems now including the Loan Matrix (Loan Management System), Information Asset register (IAR) and the new Talent Management and Applicant Tracking Systems (ATS) from AXLR8.

Easy to use AXLR8 Portals
Easy to use AXLR8 Portals

New AXLR8 Commercial Finance interfaces

AXLR8 are migrating users to new interfaces to reduce training and make the system quicker and easier to use. Simple lists of proposals and clients have clicks through to more details if desired. Adding new propsals uses a step-by-step wizard approach that even the world’s greatest technophobe will embrace!

Easy to use AXLR8 Portals
Easy to use AXLR8 Portals

These announcements (and see here) are part of the product roadmap which started nearly 20 years ago and will continue with many interfaces to external lenders and other information sources.

Please call to discuss your team’s requirements.

01344 776500

Clear new AXLR8 Portal interfaces

Clear new AXLR8 Portal interfaces

AXLR8 has been spending the last three years updating and improving the AXLR8 User Experience (UX). Many parts of the system are now being systematically added and seamlessly replacing exisiting client systems.

Staffing Agencies

Field staffing apps have been evolving for a while and are now customised to your company and also have all the functionality you would expect from AXLR8’s comprehensive staffing agency systems.

Applicants for different job postings
AXLR8 Application Tracking System: effective recruitment metrics

The staffing systems internal HQ Admin wokflows are being improved, functon by function, starting with the recruitment team using AXLR8 applicant tracking systems.

Dashboards

AXLR8 Dashboards are built internally at clients with knowledgeable accredited AXLR8 Super Users now. They can be built and placed any where in the system but the most popular place is the opening page with a management overview.

AXLR8 Dashboards
AXLR8 Dashboards give a real time overview of business health

Finance

AXLR8 are growing in the commercial finance and loan management systems markets as a direct result of improving user interfaces.

AXLR8 LoanMatrix
AXLR8 Loan Management Systems

Government

AXLR8 is updating the Information Request Management and Information Asset Register systems in use across central and local government and NHS.

AXLR8 IAR
Information Asset Register keeps data sources inventory maintained

Apps

AXLR8 have been delivering Apps on all major operating environments for seeral years for our clients to replace and complement our web apps and web portals.

App Screens
Simple to use fault reporting and service logging app

The above maintenance app is a simple “see snap send” reporting mechanism as well as containing all the information requied for service, installation and other equipment management tasks for an engineer.

The comprehensive AXLR8 Staffing App is simpl for the staff member to use for shift information, work planning availability calendar, pay, expenses, field reporting and surveys (on and off line) updating personal details, Chat mechanism, proof of attendance and so much more. It is used by tens of thousands of staff every day.

Staff App Screens
Staffing App with client customised content and functionality

Please email sales@axlr8.com or call us about your business systems requirement 01344 776500

AXLR8 SMS Pricing 2020

AXLR8 have reduced the prices again for 2020. 

Text messaging is ever more used by companies to remind or alert people and organise activities quickly. It is more effective and faster than email.

The reason for this price reduction is the multi-million volumes now purchased by the AXLR8’s “buying club” of clients. Also, to a lesser extent, we reduced administration with small price rises for buyers of lower volumes that cause proportionately more admin. Prices now start at under 2p/unit for our very high volume clients. Very low volume clients buying 1000 occasionally for example pay more than four times that cost per unit but have a low entry point, a low MoQ (1000 for £85 plus VAT to cover admin) and “pay as you go” preference.

AXLR8 SMS Price List

Most commonly, staffing agencies or businesses that need to alert clients or others to events, buy 10k units as “stock” for their AXLR8 Text Tank. The price for 10k texts if you are a buying club subscriber is £294 plus VAT from 1st December 2019 (instead of £323 plus VAT till end November 2019). Partly this is achieved by reducing admin costs. The minimum order quantity (MOQ) is 10k for these prices.  This has a couple of implications.  First, you are less likely to run out and secondly, we suggest  you change your low units alert levels to 3000 and 1000 minimum reminder level so you have enough time to order a top up.  You can log in to https://sms.axlr8.com to change these parameters and see the level of texts in your tank as well as many other facilities.

Hopefully , you will join other clients who are using AXLR8 apps for iPhones and Android devices so that AXLR8 Chat to reduce messaging conversation costs further.

Use cases

  • Appointment reminders
  • Tactical instructions for mobile workers
  • Tracked assets moved to unexpected locations (usually outside geofence)
  • Security alerts for night guarding
  • Stock replenishment in FMCG, warehouses or medical supplies
  • Informing BSL translators of work opportuities
  • Power cut alert as UPS kicks in
  • Refrigerated goods below a pre-set temperature
  • Alerting staff to new work shifts you need to fill
  • Staff booking confirmations
  • Surveys for clients and staff
  • work completion or pre-ordered item availability
  • and may more

AXLR8 at Cannes 2019 Film Market

Following up with several fast growing Film Sales Agents around the world who showed interest in the AXLR8 Film Rights system.  Many will be able to replace their present disparate systems including CRM, mailing, Film Rights and many spreadsheets with one comprehensive AXLR8 Film Sales system.

Looking forward to speaking with you soon and hope everyone ‘s trip went well.

AXLR8 Dashboard functions

AXLR8 Dashboard functions

We recently launched a new set of functions for building dashboards.

The functionality is being provided to beta clients and some new clients now.  It will soon become widespread.

AXLR8 Dashboards will address two key UI issues we have been working through in the last four years.

Cx Dashboard

The CEO and Cx suite (board, VPs, etc.)  will want different dashbards to the functional dashboards we have as standard in the project. A staff booker will log in to an overview of campaigns and a sales person may log in to their active deals. Howver, a CEO or COO may need a couple of graphs and two buttons to take them to some areas of P&L detail or other KPIs for the business such as client feedback scores.  Previously, we have built these as custom developments and they have been expensive and mostly only applicable to one specific customer.  Now AXLR8 can quickly model and deploy different dashboards for different directors/executive officers.

Functional Dashboards

These are the dashboards that would be used by specific staff and managers to achieve their job objectives on a daily basis.  For example a warehouse manager may need to know tools availability and testing schedules for the purposes of kitting out vans during each week with safe, servicable tools.  A talent manager may wish to see how many applicants came in over night and how the talent pool stands including whose SIA licence paperwork or work visas are coming up for renewal.

We will follow up with an article with some Use Cases in different industries.

AXLR8 Film Rights Sales System

The AXLR8 Film Rights Distribution system is aimed at film sales agents world wide.
It will be soft launched at the European Film Festival 2019 in Berlin (Feb 6-12th, 2019). Then it will be officially launched in Cannes during the Film festival there in May 2019.

  • Revenue and sales forecasting
  • Creation of a DM (Deal Manifest) short form distribution agreement
  • Creates and archives this and the LFA (long form agreement) with standard IFTA agreements or your own documentation
  • Sales order processing and payments accounting
  • Collections emails automatically chase debts using AXLR8 Debt Chaser
  • Full reporting of “Avails”: Films available in different territories
  • Records film titles distributor agreements for specific territories and prints out fully bespoke agreements including MG (minimum guarantee), expiry of distribution, etc.)
  • Records when film titles distribution rights will end for your reseller and hence when a film distributorship is up for renewal.
  • Reminders of film distribution review dates and expiry
  • Allows interfaces with your website
  • Newsletter broadcasts to clients and others
  • Sales and marketing tools
  • many more features

The system requires no server or other systems investment. That is because it is hosted, managed and backed up on AXLR8Cloud. It is offered to clients as a subscription service (SaaS).  So you just need a browser on your PC Mac, Tablet, iPad or smart phone.

Please contact AXLR8 if this is of interest and you would like a demonstration.

AXLR8 commercial client GDPR

AXLR8 have produced the following AXLR8 GDPR document for clients in the commercial sector – especially those who use direct mail with our Newsletter Builder and other tools in B2C markets.

It also refers to a new AXLR8 Data Cleaning document.

Staffing Clients

Those in staffing will find it useful as there are some pointers about adding the Opt Ins to your staff contracts.  It seems reasonable to ask staff to read email in order to see what what work is coming up, confirming/ changing shifts and so on.  More is available on our specialist staffing website at http://staffing.axlr8.com.

For example, we will be covering data retention periods and especially applicant data and data about terminated staff (with and without payment history.

Government  Clients

AXLR8 are creating special new SAR 30/60/90 Information Request Types.  More details are on the way to government users of our FOI systems.

AXLR8 Commercial Asset Finance V4.0 launches

Version 4 of the AXLR8 Commercial Asset Finance offering is now available.

What’s new?  The system is GDPR compliant.

It now includes compatibility with:

  • AXLR8 Trigaware: which automates alerts and messages for end of funding period and other actions.
  • AXLR8 Exchange Vault: which automatically stores proposal and client email traffic in the correct places by using the client email address and, if relevant, to a quote or proposal, using the funding opportunity (also called “finance requirement” or “funding requirement”) reference in the email subject line.  This is an invaluable tool for both client service and relationship building as well as compliance audit transparency.  All the email correspondence for contacts from funders, suppliers, clients and others may be found in their file and likewise, all the correspondence for a quote or funding proposal may be found quickly with that funding requirement’s record.
  • AXLR8 Mailing Manager: this includes AXLR8 Newsletter Builder which is an effective tool for new business sales as well as keeping clients informed of news and developments at your company.  It also has extensive mail merge capability so that it can produce contracts for clients or employees and many other forms of correspondence.  In more advanced forms, the AXLR8 Mailmerge system can merge context specific information into one or more funding proposals documents including:
    • Funder Details
    • Client Details
    • Equipment Supplier Details
    • client bank, accountant, and other details from KYC and profiling (e.g. length of time at residence and home ownership  and unlimited other profiling information).
    • Equipment details
    • Background information and funding  business case.
    • Financial parameters such as equipment costs, advances and all the other data required for any funder’s decision.
  • AXLR8 Report Builder:  This allows the creation of reports on the fly and the creation of ad hoc operational data queries.  These may be combined and the data can be exported to other systems & tools.  Thus, the requirements for compliance reporting (e.g. Gabriel reporting) or funder reports, supplier reports, sales commission calculations are all avaialbe with a few clicks.

…..and many other AXLR8 modules.  The system parameters, vocabulary, labels, statuses, profiles and menus can be updated by the your superuser without expensive programmer intervention.

Cassiopae Freehand

AXLR8 have also been working with Cassiopae UK behind the scenes to integrate Cassiopae’s market leading Freehand quotation software in to our AXLR8 proposal management system for Commercial Asset Finance Intermediaries.

 

Is it compatible with my system and do I need to ugrade?  It is based on the AXLR8 CRM (Dragon release and above.  Those clients still using the previous version on Cobra releases have been contacted about options, dates and plans for upgrading.