Koha How-To

All about email - Part 4

by Mitch Morrison on Aug 24, 2020

This is the 4th and last in a series of blog posts devoted to email issues and how ByWater Solutions supports your Koha email capabilities. In this post, we look at “deny lists” and how we are changing things to more effectively avoid them.

In this series we have gone into some detail about the origins of email, different types of email, the infrastructure behind email servers, and steps you can take to mitigate SPAM and spoofed email. These are all issues that you have some control over. There is also one other variable that you have little control over, the “deny lists.”

Several organizations exist that collect data about email delivery in an attempt to isolate which addresses are more likely to be sending SPAM email. An incomplete list would include SORBS, Spamhaus, IBM, Nordspam, and Barracuda just to name a few. These services provide lists available to the public that tell email servers which IP addresses they should reject. While these lists are dynamically updated, email providers often download updated lists once or twice a day.

Recently many of these providers have decided that email that comes directly from public cloud IP addresses should not be trusted by default and moved those addresses into a deny list. When IP addresses are added to these lists, you have to go through a process to get your IP removed. Removal often takes from 48-110 hours to propagate everywhere. During this time even if all your DNS records are properly set, these lists have overriding precedence.

For Bywater supported partners, we have decided the best solution to this area is to migrate email services out of public IP space and into an email provider. Email providers such as AWS SES, Mailgun, Mailchimp, and Sendgrid to name a few, have a vested interest in making sure their IP reputation is pristine. They provide a framework for email verification and have strict rules about what kinds of emails they are willing to relay. This eliminates the deny list scenario from the equation.

Over the next few weeks, our Systems Team will be contacting you to engage in a process to implement this transition. Some of the action items we will need to coordinate with you are:

  • Updating your domain’s SPF record
  • Implementation of DKIM if desired
  • Verifying DMARC settings (which will require DKIM to be enabled)

If you are already using a relay service provided by your government or school IT departments, no changes will be needed. Email can be tricky due to its importance to everyone’s digital identity and experience. Making sure your emails are deliverable and robust is one of the most important things Bywater Solutions does to assist your Koha implementation.

More in this Blog Post Series

Read All about email - Part 1

Read All about email - Part 2

Read All about email - Part 3

Read more by Mitch Morrison

Tags