July 18, 2023

Email Authenticity Initiative

As part of our ongoing efforts to combat phishing attempts and email fraud, IT will be implementing DMARC (Domain-based Message Authentication, Reporting, and Conformance) to protect our community from malicious activities. Find more details in this article, along with a request for your help and a timeline for implementation of this critical IT project.

As part of our ongoing efforts to enhance email security, IT will be implementing a new standard for email authentication. This email security standard prevents spammers from using our domain to send email without our permission, also known as spoofing, and helps ensure you can trust emails you receive from the College by rejecting emails that do not meet higher standards for authenticity. This protects the lclark.edu domain reputation and ensures delivery of the College emails are not placed in the spam folder.

Action Needed

The rollout of this new email security standard will be gradual, but will impact all individuals and departments who use a third party email, mail merge, or calendaring solution that sends out emails from an lclark.edu domain (i.e. Constant Contact, MyEmma, MailChimp, Youcanbookme, etc.).

All users of solutions that send out email on behalf of an lclark.edu email address will need to register their use of this system by filling out this form by September 30, 2023. IT will schedule follow up meetings to complete the technical requirements needed for emails to pass this new email verification process. Failure to provide this information could result in non-delivery of your outbound communications.

If you would like to learn more about the technical details of this email security initiative, you can find additional details here.

 

  Implementation Timeline:

Summer - October 2023

  • Enable advanced email scanning to protect against malicious emails
  • Direct employees to Email Security Project Landing Page and continue outreach and meetings with departments
  • IT analysis of advanced reporting tools to identify individuals and departments who could be affected by advanced email security filters and by the use of third party email platforms
  • Departments and Administrators register their use of all third party email platforms with IT here prior to September 30, 2023
  • IT communicates with each registered user to verify and authenticate email service with the lclark.edu domain.

November - January 2024

  • IT continues communication and outreach about changes to email security filters and authentication practices
  • A warning banner will be displayed on all emails that get caught in advanced security filters

January - February 2024

  • Emails that get caught in advanced security filters will be sent to spam
  • Emails from third party vendors that have not registered with IT will be quarantined. (only Google Administrators can access these emails)

March 2024

  • New security protocols are enforced for all third party email senders.
  • Emails from third party senders who have not registered will be rejected.
  • Emails caught in security filters will be sent to administrative quarantine. (only Google Administrators can access these emails)

Contact

If you have any questions or need further assistance, please don’t hesitate to contact Meredith Goddard at goddardm@lclark.edu. Thank you for your cooperation as we work together to ensure the security and authenticity of our email communications.