🔒 Patreon Special

IT Pros: exclusive shows await you on Patreon, focusing on the more challenging aspects of running your practice and working with clients and employees.


221: DMARC, Eero's & Toupee's

Topics:

- Joe discusses the problem with automatically forwarding mail in the era of DMARC and walks through an explanation from Kerio:

- You have a hosted Kerio email account, with a domain of clientname.com

- You have a forwarding rule configured to forward all email addressed to name@clientname.com to clientaddress@gmail.com

- Gmail enforces a DMARC policy

- Gmail sees the forwarded email as if they were coming from the original sender, e.g.: Facebook, PayPal, etc. etc.

- But the emails are NOT coming from the mailservers of those senders (e.g. mail.facebook.com, mail.paypal.com – fake examples), they are actually coming from the Kerio mail server (mail.itekmail.com)

- This triggers a failure of compliance with DMARC, since the sending mail server doesn't match the sending address.

- Unfortunately there isn't much we can do about this, other than use the main account (name@clientname.com), setting it up on a mail client of your choice, to avoid this problem.

- Joe and Jerry discuss Eero, and Joe explains the challenge of configuring an alternate subnet:

- Eero ad automatically assigned 192.168.7.1 subnet

- AV guy had static IPs manually assigned to two IR controllers

- had to use Advanced settings to hangs subnet to 10.0.0.0 (10.0.1.0 not an option; annoying because that's a common Apple one so this must be a common issue)

- tried to adjust starting IP to 10.0.0.1, subnet to 255.255.0.0, and ending IP to 10.0.1.254; didn't work

- after updating, allowed me to select 10.0.0.0 range and change it to 10.0.1.0 range, which worked