Authentication for branding domain / links and images being blocked by MailScanner | Community
Skip to main content
V
Vivre
Level 2
September 30, 2024
Solved

Authentication for branding domain / links and images being blocked by MailScanner

  • September 30, 2024
  • 2 replies
  • 2257 views

Hello folks

We had a customer receive an email where almost all links were flagged by MailScanner as potential fraud. Images in the email were also not displayed.


The email displayed with the following where the link was placed:

"MailScanner has detected a possible fraud attempt from "branding.domain.co.nz" claiming to be [link]"

For further context, this is not the sending domain. So the email is from company@sending.domain.co.nz and images and tracking are using branding.domain.co.nz.

Will adding SPF & DKIM records to the branding domain help with this? Any other suggestions?

Best answer by SanfordWhiteman

You need to supply actual links & domains, not obfuscate. Obfuscation just means we have to guess instead of being able to test your actual setup.

 

Will adding SPF & DKIM records to the branding domain help with this? Any other suggestions?

Neither SPF nor DKIM is relevant to your branding (click tracking) domain. They are SMTP authentication measures, not web-related.

 

Images are loaded from your LP domain, not your branding domain. There too, neither SPF nor DKIM is relevant.

 

In addition, SPF has no relevance for a standard shared Marketo instance, even for your From: email domain.

 

DKIM-signing email with your From: email domain is certainly recommended and can give you a tiny bump in deliverability, but it cannot in any way override suspected phishing.

2 replies

Katja_Keesom
Community Advisor and Adobe Champion
Katja_KeesomCommunity Advisor and Adobe Champion
Community Advisor and Adobe Champion
September 30, 2024

As the tracking links are not an email sending domain, but a website subdomain, it is a CNAME record you need for it in your DNS settings (similar to your landing page domain). Typically you would have an SSL certificate on that subdomain too.

V
VivreAuthor
Level 2
October 1, 2024

Thanks for your reply, we have that in place already

SanfordWhiteman
SanfordWhitemanAccepted solution
Level 10
September 30, 2024

You need to supply actual links & domains, not obfuscate. Obfuscation just means we have to guess instead of being able to test your actual setup.

 

Will adding SPF & DKIM records to the branding domain help with this? Any other suggestions?

Neither SPF nor DKIM is relevant to your branding (click tracking) domain. They are SMTP authentication measures, not web-related.

 

Images are loaded from your LP domain, not your branding domain. There too, neither SPF nor DKIM is relevant.

 

In addition, SPF has no relevance for a standard shared Marketo instance, even for your From: email domain.

 

DKIM-signing email with your From: email domain is certainly recommended and can give you a tiny bump in deliverability, but it cannot in any way override suspected phishing.

V
VivreAuthor
Level 2
October 1, 2024

Thanks Sanford, that's really helpful. It was Marketo support who told us to add SPF and DKIM to the branding domain, but that didnt sound right to me so main purpose here was seeking a second opinion. I believe the main issue, and it seems to be isolated to MailScanner, is having link text that differs from the perceived link address.

    SanfordWhiteman
    SanfordWhiteman
    Level 10
    October 1, 2024

    Thanks Sanford, that's really helpful. It was Marketo support who told us to add SPF and DKIM to the branding domain, but that didnt sound right to me so main purpose here was seeking a second opinion.

    Yep, that suggestion is dead wrong. Nice work doubting it!

     

    is having link text that differs from the perceived link address.

    Right, you can’t have URL-like link text that differs from the actual URL. (Any other friendly text is fine.)

      Terms & ConditionsAccessibility statement

      Loading footer...