Spam, phishing, and identity warnings

Overview

Anyone can send an email pretending to be anyone else. Fortunately, over time, various protocols have been added to authenticate emails. Front will use these protocols when available to verify the identify of senders.

Front will show purple warnings for things related to spam, phishing, and identity. These can mean a few different things.


Spam and phishing warning

If we detect that your email provider indicates a message as spam or a phishing attempt, we will mark the email with a purple warning icon.

If a message shows this warning in Front, but doesn't appear as spam in Gmail, it's most likely because the message contains some Microsoft Forefront Anti-spam headers. Front is designed to detect these headers. The header is called 'x-forefront-antispam-report' which you can find by looking at the raw message in Gmail or Front. According to Microsoft, any time a message shows a Spam Confidence Level of 5 or greater, it is considered spam, and will appear that way in Front.


Report phishing

Help Front improve defense against phishing attempts by reporting them. Click the 3-dot menu at the top and click Report phishing to send the report to Front. 


Identity warnings

Incoming email is marked as "Identity could not be verified"

If you're seeing an error that refers to the sender of the email, it means that there is some discrepancy between the identity signals of the email sender. This could mean that either the sender may not be who they claim to be or their email configurations are not set correctly. You may see this warning in addition to the spam warning icon, or on it's own.

Your team's emails are marked as "Identity could not be verified"

If your own team's emails in Front are getting marked with an "Identity could not be verified" error, this can be fixed by updating your DNS settings.

To improve your email delivery rates, you need to make a change to your DNS settings that will tell recipients that you’ve authorized Front to send emails on your behalf. Without this change, your email has a higher chance of being marked as spam, since the email shows an address from your domain but was sent from an IP address with a Front domain. 

To properly authorize Front to send emails on your behalf, you need to add these SPF (Sender Policy Framework) and DKIM (domain keys identified mail) records to your DNS settings.  

If you have an IT team, let them know that you need to make these changes to your company’s DNS record. When your IT Team makes this change, it will apply for all users at your company who use Front. 

Here are instructions on how to do this with each email provider:

If you're seeing an exclamation mark with this error and you use Front with Gmail, please double check that your SPF record includes Google. You will need to add the following to the record:

include:_spf.google.com

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like Follow
  • 2 wk agoLast active
  • 2168Views
  • 1 Following