Allowlisting of Email Addresses or Servers

Summary

UIS does not support vendor requests for email allowlisting or DKIM allowed senders.  These options are not needed when vendors use current industry supported email standards.

Body

Introduction

UIS does not support vendor requests for email allowlisting or DKIM allowed senders.  These options are not needed when vendors use current industry supported email standards.

Definitions

Allowlisting (also sometimes called "whitelisting") is the practice of putting server IP addresses or email addresses on a list that are never rejected by an organization's security or spam-filtering programs.

Sender Policy Framework (SPF) is an email authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain.

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email (email spoofing), a technique often used in phishing and email spam.

Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing email, email scams and other cyber threat activities.

Procedure

UIS does not support requests to allowlist mail from particular email servers or addresses.  The reasons for this are:

  • Allowlisting creates a security vulnerability, bypassing the existing protection of SPF, DKIM, and DMARC, allowing bad actors to be able to send messages directly to Pacific inboxes without any checks on forgery, spoofing, or origination.
  • UIS doesn't have a reliable way of learning when allowlisting is not longer needed and can be removed, or when vendor infrastructure has changed in a way that can cause new issues.
  • Third party vendors who set up their email settings correctly (and who do not send messages that Pacific recipients choose to mark as unwanted spam) can reliably reach Pacific email addresses.  Allowlisting shifts the technical burden onto UIS to make up for issues caused by vendors not following current email best practices.
  • Allowlisting creates a more complicated technical environment for UIS to maintain.

UIS also does not support DKIM Allowed Senders (outside of UIS' core supported services) for similar reasons.

See Also

Managing Spam Filter: False Positives and False Negatives

Questions?

Contact Support

Details

Details

Article ID: 147729
Created
Wed 10/18/23 8:54 PM
Modified
Thu 10/19/23 11:18 PM