A:
EONI is using a system called sender policy framework (SPF) to reduce email from being sent or received that forges the sender?s domain.
Why is email forwarded to my eoni.com email address always going into my quarantine?
Look at the reason the message was placed in the quarantine? Does it say the word "Custom" ?
Short, easy answer?if customers get email in their EONI email filter quarantine that is forwarded from another email account automatically?they may be due to SPF check failures?so?go to EONI web mail, login with the email account, click ?settings?, ?anti-spam? and uncheck the ?custom? category and click ?save?. Stop reading the remainder of this message.
For those who seek the technical details?please read on.
Our new SPF implementation (March 2005) will not bounce email that fails the SPF tests to the sender. The results of the SPF check will be added to each message and then the email message will simply be sent on to the customer email box. If the customer has EONI email spam filtering enabled then the customer email preferences will tell the system what to do (if anything) with SPF test results.
If the customer has the anti-spam category ?custom? turned off then the SPF test results will be ignored completely.
If the customer has the anti-spam category ?custom? turned on (this category is on/checked by default?) then the following actions are taken:
If the anti-spam filter is set to ?normal? then the SPF test results will be ignored completely.
If the anti-spam filter is set to ?strong? then only messages with SPF fail (which is a hard fail) results will be placed into the customer quarantine. If the sender email address is on the whitelist/trusted sender list then the email will be delivered instead of quarantined.
If the anti-spam filter is set to ?extreme? then only messages with SPF fail (which is a hard fail) or ?soft fail? results will be placed into the customer quarantine. If the sender email address is on the whitelist/trusted sender list then the email will be delivered instead of quarantined.
If people have problems with email going to the quarantine that fails the SPF check?simply uncheck the ?custom? anti-spam category. All special custom scripts setup on eoni.com email to do special filtering would be off for that user?but the email that fails the SPF test would not be quarantined. Also the other email filter categories will still provide substantial email filtering service to the email.
Also the user would not need to adjust their email filter settings if the sender email is on the customer white list/trusted sender. White list/trusted senders are never stopped into the quarantine and classified as spam.
Also the results of the SPF testing will be added to email headers. The line with the SPF check will look like this if the sending domain does not publish an SPF record:
Received-SPF:
none (relay1.eoni.com: domain at budgetbeverlyhills.com does not designate permitted sender hosts)
Or if the domain owners publish an SPF record here are some example headers:
Received-SPF:
neutral (relay1.eoni.com: 83.223.243.183 is neither permitted nor denied by SPF record at ibkgle.com)
Received-SPF:
softfail (relay1.eoni.com: transitioning SPF record at hotmail.com does not designate 221.151.13.108 as permitted sender)
Received-SPF:
fail (relay1.eoni.com: SPF record at hush.ai does not designate 209.210.236.121 as permitted sender)
Every little bit helps in the spam war.
To learn more about SPF please see:
http://spf.pobox.com/If you have a web site or other system that sends email from your eoni.com email address you should contact those that maintain your site and make sure email the is sent from outside EONI's email servers has a From: address that is not an eoni.com email address. The Reply-to: address can be your eoni.com email address. Again, the From: line must not be your eoni.com address if the message is not sent to the Internet using EONI's email servers.
SPF allows EONI to do two main things:
1. Test mail addressed to eoni.com:
EONI checks incoming email to see if the sending domain name publishes an SPF record. If we find an SPF record we check to see if the incoming email matches the SPF record.
2. Allow others to test EONI email that claims to be from eoni.com:
Other email service providers can look up EONI's SPF record to verify email that claims to be from EONI is being sent from an authorized EONI email server.
SPF is not supported by all email service providers yet. As email service providers implement SPF it makes email better for everyone on the Internet.
Below is an email message sent to all eoni.com email addresses in September 2004.
Subject:EONI email forgery defense system coming October 4, 2004.
Effective Monday October 4, 2004 EONI will implement email changes that help to combat spam (unsolicited commercial email) and email scam proposals. The EONI email changes help prevent forging of eoni.com email addresses. This change simply requires email that is addressed from any eoni.com email address to be sent using EONI email servers.
Currently, some EONI customers may use non-EONI services on the Internet that send email that says the message is from an eoni.com email address. These services may not work starting October 4, 2004. For example, some customers may use online forms to send email that will have an eoni.com email address in the From: line. Email sent to other addresses also may not be delivered as many other email and Internet service providers are implementing similar email defense systems to prevent this practice.
Examples of sites sending email addressed from eoni.com email addresses that are not using EONI email servers may include those that have a feature to send news articles or greeting cards. These sites should already be aware of the growing number of email service providers that are no longer allowing email to be sent this way and the sites should be adjusting their systems if they have not done so already to make their systems compatible with email forgery defense systems.
--------------------------------------------------------------------------------
How will this change impact me?
For most EONI customers this change should not cause any change to the way you send or receive email. You should simply have less unsolicited commercial email (spam) in your inbox. If you subscribe to EONI's email filtering service you should have fewer messages in your quarantine.
Having EONI process fewer spam emails means EONI servers can work faster as the servers spend more time delivering the messages you want instead of checking messages you did not want.
At this time this change only affects eoni.com email accounts.
--------------------------------------------------------------------------------
Why is EONI doing this?
1. Frequently senders of spam will send email to email addresses with the From: address being a trusted email address. This trusted email address might be your own email address; thus, the spam sender has forged your email address in the spam message. Most people prefer to be the only person allowed to send email using their email address.
2. More email is being sent that looks like it is from a well known person or organization but it really is not.
Some emails look like they are official and are asking for you to provide personal information. This practice is called "phishing". Common examples of phishing are email sent that claim to be from eBay, PayPal, banks, credit card companies but are really fake attempts to get you to provide personal information to a fake web site. You can read more about phishing and other Internet safety topics on the EONI SafetyZone at:
http://safetyzone.eoni.com
3. Many large email providers such as AOL, HotMail, Earthlink and others have announced they have or will implement similar policies. As more providers implement these policies EONI will need to participate with the global Internet email community and have consistent policies as well to address email forgery.
These changes will not make it impossible to forge eoni.com email addresses, however these changes should substantially reduce the problem.
