Email Security Blog

The Four Types of Senders: Third Party Senders

Agari November 20, 2014 DMARC
Fallback Featured Image

Series Introduction l Internal Infrastructure

Erika NJ Alperin, Brand Manager

Previous article in the series can be found here

Let’s go back to the cocktail party scenario I talked about last week. Imagine you are at a cocktail party and someone you don’t know hands you their business card and the card has your company logo on it. Maybe you work for a big company and don’t know all your coworkers, so you don’t think twice about it. You ask what department they work in, only to find out that, well, they don’t exactly work at your company, but they contract with your marketing department.

This is essentially what third party senders are doing on behalf of your brand every day. Although the marketing department is often the one singled-out in these examples, almost any department in a company can bring in third party senders.

When these senders are vetted through the IT department from the beginning, making sure everything is in compliance, then IT is aware that the vendor will be sending from a company domain. However, we all know that at companies both big and small, not everything gets run past IT first. I get it. I really do! Maybe you are part of an agile team that prides itself on thinking outside the box. You are moving fast and breaking things! Chances are that other departments in your organization are doing the same thing, and pretty soon no one is quite sure who is sending on behalf of the company.

To give you an idea on who might be sending email from your company’s domain, here is a short list of common, potential third party senders:

  • Marketo
  • Eloqua
  • Salesforce/Pardot
  • Mail Chimp
  • HubSpot
  • Google Apps
  • Survey Monkey
  • Zendesk
  • Constant Contact
  • AWeber
  • Dreamhost
  • Voltage SecureMail Network

A great thing that DMARC does is bring these unknown third party senders to the surface for you. Don’t worry that you have to go department to department, shaking down your coworkers and demanding they give up their third party vendors’ names & IP addresses. Put a DMARC monitor policy in place and pretty soon you will have a clear picture of who is sending from your domains. Once that is done, you can work with your vendors to implement DMARC so they can become authenticated senders of your company communications. Then, the next time the marketing department decides to go rogue, you will catch them in the act.

Check back next week when we continue our series on The Four Types of Senders and take a look at Forwarders.

Leave a Reply

Your email will not be published. All fields are required.

February 19, 2019 Fareed Bukhari

DMARC Adoption Up, But 85% of Fortune 500 Remains Vulnerable to Brand Hijacking

October 16, 2018 Fareed Bukhari

One Year Later: Federal Mandate for Email Authentication Huge Success

October 16, 2018 Patrick Peterson

DMARC: A 12-Month Triumph for DHS—and the Nation

August 10, 2018 Patrick Peterson

Half of Federal Agencies Racing to Meet DMARC Active Enforcement Deadline

July 17, 2018 AJ Shipley

5 Big Myths about DMARC, Debunked

mobile image