Welcome to Cash in the Cyber Sheets. I'm your host, James Bowers, and together we'll work with business leaders and industry experts to dive into the misunderstood business of cybersecurity and compliance to learn how to start making money from being secure and compliant. Welcome to Cash in the Cyber Sheets.
Hey everybody, welcome back to Cash in the Cyber Sheets. I'm your host, James Bowers, Chief Security and Compliance Architect here at Input Output. Very happy to have you back here with us today.
And I don't know if you've ever had the issue where you just completely lost a day, actually like practically a week. But last week, everything that we put together, actually all the days got mixed up, thought it was a different day, thought everything was already posted. It wasn't.
We didn't have an episode last week. So for the seven of you out there that are listening, very sorry. You went a week without us.
We're also in the process, too, of what's really doing it is, I don't think you can ... Can I pivot at all? No, you can't really see all the changes we're making here with the studio, but actually trying to revamp how everything is put together, and the layout, and really be able to support a lot more video production. Right now, things have to be kind of moved around in the office setting and set up, and it's ... Honestly, it's a little bit of a pain in the ass to do different video setups or to try to do videos, so they just ... They don't get done. I don't know if any of you have some of the ADHD issue where you think of all the steps you need to take and just decide, you know what, screw it, I'm not going to do it.
Definitely where I'm at with a lot of things. So in any case, that's a long way to say that we're actually making a lot of changes, so that contributed to a lot of it, not an excuse. It's definitely more of just this up here not producing right.
But in any case, last time, a few times ago that we talked, and if you've been going onto the website, we've been putting even more tools out there, a lot of it around email management, email deliverability. There was the big change May 5th, 2025, so just ... This is June. Just last month, with DMARC becoming required, technically that's for bulk senders.
So if you're sending over 5,000 emails a month, but in practice and what we're actually seeing is it's affecting a lot of emails, because let's be frank, the email providers don't want to spend the time processing, sending, transmitting, and really scanning through all the AI systems, all those tokens, all of that money. They don't want to spend that, so they're really pushing it out to everybody else. Make sure you have everything all up to date, your DMARC, your DKIM, your SPF.
And if you don't, we're just not going to route the emails. It's going to save us money. At the same time, it's going to help reduce a lot of spoofing and fraud.
So not entirely against it, but it is a big change because all of the email records that mostly DKIM and DMARC that used to be optional and kind of good-to-haves are now actually required. So if you haven't seen an issue before, you're definitely going to start seeing that issue. With that, we've got the tools out there, definitely doing a lot of prospecting around this where we're reaching out to people and saying, hey, took a look at your email domain.
There's some issues. We can show you how to fix it. Would love to talk to you about how we can help more.
Yada, yada, yada, please give us money somewhere. What we're seeing a lot is a lot of issues with SPF, Sender Policy Framework. And today is not going to be a deep dive into what SPF is.
I do have some blogs, information on the Input Output website, all about that, and I'll link to those in the description. We'll talk about it a little bit, but what I really want to talk about is the big issues that we're seeing with where it's falling apart, what that's meaning for email deliverability, and mostly just things to watch out for and a little bit about how we can help. So definitely happy to get into that right before we do, which is right this instant.
Please click that like, click that subscribe. If there are compliance issues that you're having trouble with that you would love to talk about, please go ahead and drop those in the comments. Would love to hear about the things that you're having trouble with that you'd like to focus on.
And also just any wins, anything that's really working well for your program, for your team. These are always really great things to share. So leave those in the comments.
Would love to hear from you. Let's bam, let's get into it. So what is SPF, Sender Policy Framework? Real quick, it is one of the first email deliverability frameworks.
It is a DNS record. It's a text record that you put into your DNS. And it essentially says that these are the domains, these are the areas that can send email on our behalf.
Typically, you'll see like Microsoft, Google, others in there. And that just means that if you look at ours, because it's all publicly available, you have Microsoft on protection, Microsoft.com. And we also utilize Exclaimer for our email signatures. That keeps them uniform.
It allows us to put cool little banners, all kinds of stuff. Not a plug for them, although they are great. Definitely check them out.
We also use Exclaimer. So we've got Microsoft and Exclaimer in there. Ways back, we used Zoho.
So Zoho was actually in there. We've utilized MailChimp before and others. And when we did and we were sending emails from there, it was very important for us to have those in there.
That's really all SPF is. And when you're sending an email, when your system receives it, it looks at the SPF record of the person that sent you the email to see, is this email originating from one of the email domains that are on that SPF record? And if they're not, we probably shouldn't trust it. It might be spoofed.
It might not really be from the person that we expect it to come from. SPF was really one of the first steps in helping to tighten up spam emails, spoof emails. And as things have progressed, then developed DKIM and then DMARC.
What we're seeing with SPF, let me back up. If you get SPF wrong, if you mess up your record, what that can mean is that your emails will not deliver. That's now an issue with DKIM and DMARC, but it is SPF has been around for so long.
It's almost the minimum standard. It's in just there for so long that if you don't have this, we're just going to assume you don't have an email put together. You just don't have it set up right.
And the majority of email providers, even those that haven't jumped on the bandwagon with the new May 5th changes, really do adhere to SPF. If SPF is whacked out, they're not going to deliver the email because there's a really good chance that it's spoofed. So having your SPF record messed up can really impact deliverability.
It can actually take it to where you're delivering emails, you mess up your record, emails are not getting delivered. 100% could just vanish, not get there. And what we're seeing with working with doing a lot of the prospecting with even working with previous clients with partners is a lot of SPF errors, which come down to, I've got three listed here.
I'm really going to say it comes down to two primary issues. Number one is fat fingering or making a typo. Even when you have the SPF record correct, you go in to put another sender or you go to remove a sender, or you go to make some sort of a change and you slip up one single key, one period in the wrong spot, one semi-colon in the wrong spot, or you take something out.
And now the entire record is messed up and your emails stop routing just from that. A single, single typo. That is really what we're seeing the majority of because there's a lot of tools out there that will show you how to build your SPF record.
We have one right on our site that will show you the issues. And what typically happens is transitioning from that to your actual DNS record, tap, tap, tap, tappy, and you miss a tap and it all goes sideways. Probably about four of these just in the past week, even some with IT companies where we've reached out and said, Hey, uh, your SPF record, we noticed an issue.
We can pinpoint exactly what it was. It was very obvious. This was just a typo.
Just guys go in there and go fix this. And you'll be, you'll be set. You don't need to pay for anything, but it's very easy to cause that type of an issue and multiple days can go by in some cases weeks before you realize, and you just haven't been delivering emails.
So the biggest issue there is this is all, it's all a code string and it's very easy to get that wrong. That ties into number three, which I have, but is incorrect syntax. Typically, typically, even typically it's not just an incorrect syntax.
It's, it's a, it's a typo because there's tools out there, but those kind of go together. The number two biggest issue that we see with SPF is forgetting to put a sending source in the SPF record. We just set up a new CRM, or we set up a new mailing platform, or what happens a lot is we set up a new ticketing system, but we don't list it in the SPF record.
So emails coming from that platform aren't working. This one actually can persist for an extremely long time because if we look at email deliverability, if we, if we're testing, if we're just watching our inbox, we're getting responses. All of the emails that we're sending out from other platforms from everywhere else are working, just not from this new platform.
So that's a very important thing to do to make sure that you're actually monitoring your SPF records, that you're monitoring your, your mail to make sure that you can identify if there's a sending source in there that needs to be put in there. You just got started working with Constant Contact or with Zoho or with some other platform. If you had to get it put into your SPF record, then you have to be very careful that when you do that, you don't make a typo that causes another problem.
Those are really the two biggest problems. Typos just caused by fat fingering the issue and forgetting sending sources. Some other issues that we do see, and this is more of a technical issue, and it can creep up because depending on how you've set up your SPF include statements, it's relying on other SPF records.
What this issue is, is too many lookups. The SPF record can only have 10 lookups in total, and that's really to help prevent overloading DNS servers, all the lookup requests. What can happen is a lot of companies, even when they have this very well put together, they've exceeded that, or they include another sender that with those lookups, it kicks them over the 10.
That is not as common of an issue. I would say, anecdotally, in the last month, we've seen about one of those, but it is still an issue. Where that can become a problem is if you don't really understand the SPF syntax or you don't have a good tool to manage it, that one can actually be difficult to correct.
Again, just all of those together, it just prevents your emails from getting to where they need to be. No emails getting delivered. I can't say it any other way.
How can you fix it? Number one, you can definitely use a tool out there to see if your SPF record is set up correctly. If you go to inputoutput.com, I will have these in the description, but inputoutput.com under resources, we have the email audit, which will check all of your records, SPF, DKIM, and DMARC. We also have a specific SPF checker, which will get into the very nitty gritty of the entire SPF record and show you what's working, what's wrong, and help guide you in how to fix it.
Making this even easier is you can utilize a tool like our Input Output click safe email tool, which you point all of your records to the tool and it manages the SPF, it manages the DKIM, and it manages DMARC and even BIMI and some other records. What's really cool about that is it makes it to where it's just a point and click rather than having to manage the actual text and syntax yourself. That helps prevent errors.
It also monitors, so if there are issues, you'll be able to identify those and get them corrected. Even if you don't use that tool, there's other tools out there like MxToolbox that do the same thing and help you monitor and manage your SPF records and all of your other email records. Whatever way you do it, though, you want to make sure you're keeping on top of those because it can cause such an impact to the organization, especially if you're sending bulk emails, you're doing a lot of email marketing that can quickly destroy your budget for nothing more than just a simple little typo.
So very important. Do not neglect it. Check out inputoutput.com resources so you can make sure yours are in line, and if you have any questions, please reach out to us.
Thank you so much for listening today to us on Cash in the Cyber Sheets, and until next time. Thanks for joining us today. Don't forget, click that subscribe button, leave us a review, and share it with your network.
Remember, security and compliance aren't just about avoiding risk. They're about unlocking your business's full potential. So stay secure, stay compliant, and we'll catch you next week on Cash in the Cyber Sheets.
Goodbye for now.