Your Achievements
Level 1
0% to
Level 2
Next /
to gain points, level up, and earn exciting badges like the new Applaud 5 BadgeLearn more!
View All BadgesSign in to view all badges
Open Alert Bar
SOLVED

Authentication for branding domain / links and images being blocked by MailScanner

Go to solution
Vivre
Level 2
Level 2
‎09-29-2024 08:20 PM
‎09-29-2024 08:20 PM

Authentication for branding domain / links and images being blocked by MailScanner

Hello folks

We had a customer receive an email where almost all links were flagged by MailScanner as potential fraud. Images in the email were also not displayed.


The email displayed with the following where the link was placed:

"MailScanner has detected a possible fraud attempt from "branding.domain.co.nz" claiming to be [link]"

For further context, this is not the sending domain. So the email is from company@sending.domain.co.nz and images and tracking are using branding.domain.co.nz.

Will adding SPF & DKIM records to the branding domain help with this? Any other suggestions?

0 Likes
497
Reply
2 ACCEPTED SOLUTIONS

Accepted Solutions
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎09-29-2024 10:53 PM
‎09-29-2024 10:53 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

You need to supply actual links & domains, not obfuscate. Obfuscation just means we have to guess instead of being able to test your actual setup.

 

Will adding SPF & DKIM records to the branding domain help with this? Any other suggestions?

Neither SPF nor DKIM is relevant to your branding (click tracking) domain. They are SMTP authentication measures, not web-related.

 

Images are loaded from your LP domain, not your branding domain. There too, neither SPF nor DKIM is relevant.

 

In addition, SPF has no relevance for a standard shared Marketo instance, even for your From: email domain.

 

DKIM-signing email with your From: email domain is certainly recommended and can give you a tiny bump in deliverability, but it cannot in any way override suspected phishing.

View solution in original post

0 Likes
482
Reply
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎09-30-2024 06:18 PM
‎09-30-2024 06:18 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

Thanks Sanford, that's really helpful. It was Marketo support who told us to add SPF and DKIM to the branding domain, but that didnt sound right to me so main purpose here was seeking a second opinion.

Yep, that suggestion is dead wrong. Nice work doubting it!

 

is having link text that differs from the perceived link address.

Right, you can’t have URL-like link text that differs from the actual URL. (Any other friendly text is fine.)

View solution in original post

425
Reply
5 REPLIES 5
Katja_Keesom
Level 10 - Community Advisor + Adobe Champion Level 10 - Community Advisor + Adobe Champion
Level 10 - Community Advisor + Adobe Champion
‎09-29-2024 10:48 PM
‎09-29-2024 10:48 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

As the tracking links are not an email sending domain, but a website subdomain, it is a CNAME record you need for it in your DNS settings (similar to your landing page domain). Typically you would have an SSL certificate on that subdomain too.

Tags (1)
0 Likes
484
Reply
Vivre
Level 2
Level 2
‎09-30-2024 06:09 PM
‎09-30-2024 06:09 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

Thanks for your reply, we have that in place already

0 Likes
428
Reply
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎09-29-2024 10:53 PM
‎09-29-2024 10:53 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

You need to supply actual links & domains, not obfuscate. Obfuscation just means we have to guess instead of being able to test your actual setup.

 

Will adding SPF & DKIM records to the branding domain help with this? Any other suggestions?

Neither SPF nor DKIM is relevant to your branding (click tracking) domain. They are SMTP authentication measures, not web-related.

 

Images are loaded from your LP domain, not your branding domain. There too, neither SPF nor DKIM is relevant.

 

In addition, SPF has no relevance for a standard shared Marketo instance, even for your From: email domain.

 

DKIM-signing email with your From: email domain is certainly recommended and can give you a tiny bump in deliverability, but it cannot in any way override suspected phishing.

0 Likes
483
Reply
Vivre
Level 2
Level 2
‎09-30-2024 06:13 PM
‎09-30-2024 06:13 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

Thanks Sanford, that's really helpful. It was Marketo support who told us to add SPF and DKIM to the branding domain, but that didnt sound right to me so main purpose here was seeking a second opinion. I believe the main issue, and it seems to be isolated to MailScanner, is having link text that differs from the perceived link address.

427
Reply
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎09-30-2024 06:18 PM
‎09-30-2024 06:18 PM

Re: Authentication for branding domain / links and images being blocked by MailScanner

Thanks Sanford, that's really helpful. It was Marketo support who told us to add SPF and DKIM to the branding domain, but that didnt sound right to me so main purpose here was seeking a second opinion.

Yep, that suggestion is dead wrong. Nice work doubting it!

 

is having link text that differs from the perceived link address.

Right, you can’t have URL-like link text that differs from the actual URL. (Any other friendly text is fine.)

426
Reply
Home