Skip to main content


Showing posts from March, 2016

Securing Google Apps for Education GMail

Over the past year or so there have been lots of posts on various G+ communities about issues with GMail delivery (particularly to groups) and accounts being exploited by email spoofing. So I thought it might be an idea to bring together the steps you need to take to knock these issues on the head into one place. The steps: Configure your domain to use SPF (sender policy framework) Configure your domain to use DKIM (Domiankey identified mail) Configure your domain to use DMARC (prevents email spoofing) Force all incoming SPAM into admin quarantine   Numbers one and two will improve your email flow and prevent your messages (particularly ones going to groups and certain outside agencies) being marked as SPAM. DMARC relies on the SPF and DKIM being correctly configured first. All messages you send will be checked and ones that fail either SPF or DKIM will be actioned in accordance with a rule you set. The final step prevents end users ever seeing anything in their S