Email Security Blog

The Four Types of Senders: Third Party Senders

Agari November 20, 2014 DMARC
Fallback Featured Image

Series Introduction l Internal Infrastructure

Erika NJ Alperin, Brand Manager

Previous article in the series can be found here

Let’s go back to the cocktail party scenario I talked about last week. Imagine you are at a cocktail party and someone you don’t know hands you their business card and the card has your company logo on it. Maybe you work for a big company and don’t know all your coworkers, so you don’t think twice about it. You ask what department they work in, only to find out that, well, they don’t exactly work at your company, but they contract with your marketing department.

This is essentially what third party senders are doing on behalf of your brand every day. Although the marketing department is often the one singled-out in these examples, almost any department in a company can bring in third party senders.

When these senders are vetted through the IT department from the beginning, making sure everything is in compliance, then IT is aware that the vendor will be sending from a company domain. However, we all know that at companies both big and small, not everything gets run past IT first. I get it. I really do! Maybe you are part of an agile team that prides itself on thinking outside the box. You are moving fast and breaking things! Chances are that other departments in your organization are doing the same thing, and pretty soon no one is quite sure who is sending on behalf of the company.

To give you an idea on who might be sending email from your company’s domain, here is a short list of common, potential third party senders:

  • Marketo
  • Eloqua
  • Salesforce/Pardot
  • Mail Chimp
  • HubSpot
  • Google Apps
  • Survey Monkey
  • Zendesk
  • Constant Contact
  • AWeber
  • Dreamhost
  • Voltage SecureMail Network

A great thing that DMARC does is bring these unknown third party senders to the surface for you. Don’t worry that you have to go department to department, shaking down your coworkers and demanding they give up their third party vendors’ names & IP addresses. Put a DMARC monitor policy in place and pretty soon you will have a clear picture of who is sending from your domains. Once that is done, you can work with your vendors to implement DMARC so they can become authenticated senders of your company communications. Then, the next time the marketing department decides to go rogue, you will catch them in the act.

Check back next week when we continue our series on The Four Types of Senders and take a look at Forwarders.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

June 26, 2019 Armen Najarian

Ticket to Fraud: Airline Industry Sees Increased Consumer Phishing Scams

For many, there are few things more satisfying than receiving an email confirmation for a…

Agari Blog Image

June 13, 2019 Fareed Bukhari

DMARC Adoption Worldwide Slows with Australia's ASX 100 Remaining Most Vulnerable

DMARC adoption rose a tepid 1% in the first quarter of the year, with the…

Agari Blog Image

May 23, 2019 Suela Vahdat

DMARC Remains Elusive with 86% of gov.uk Domains Open to Impersonation

More than three-quarters of UK government organisations haven't yet adopted Domain-based Message Authentication and Reporting…

Agari Blog Image

May 21, 2019 Armen Najarian

Why DMARC Could Make or Break Your B2B Email Marketing Programs

In B2B email marketing, nothing says amateur hour like a landing page with the words…

Agari Blog Image

April 17, 2019 Fareed Bukhari

The Time is Now: Underscoring the Importance of DMARC for State and Local Governments

Scammers know that impersonating a trusted government agency is an extremely effective way to trick…

mobile image