Ask yourself “why are these messages getting flagged?”
In most cases there are good reasons that your protection software has flagged the message as potentially dangerous.
It is often assumed that large, reputable companies should bypass virus, phishing and malware scanning. Why is that a problem? Many large organisations have not set up their domain names correctly and according to the email security standards (SPF, DKIM and DMARC). This means that these companies can be impersonated: a thief sends mail pretending to be from the company. Your staff may receive an email that appears to come from docusign.com (example only). Because that domain name was added to their Safe Senders list (whitelisted), your virus, malware and phishing scans are bypassed.
We advise against using whitelists including Microsoft Safe Senders.
The primary reasons:
- Whitelisting bypasses all protection from spam, malware and phishing.
- Your company is vulnerable to attacks from whitelisted domains or email addresses.
- Staff are not technically qualified to determine whether the domain or email is secure.
- Poorly managed domains are impersonated for phishing.
Recently a client asked us to whitelist two domains:
tungstenautomation.com had no SPF or DKIM protection.
#####.com had incorrect SPF and no DKIM or DMARC.
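The two requests above were declined because the domains' SPF and DMARC records were missing or wrong. The check below is an added example, not part of the original post, of how to assess a sender domain's posture before anyone acts on a whitelisting request. It parses SPF and DMARC TXT records and reports the defects named above (no SPF, broken SPF, no DMARC, DMARC that only monitors). The DNS answers and the vendor-x.example domains are constructed inline so the script runs offline; a real check would look the TXT records up with a resolver instead, and DKIM is not assessed because a DKIM lookup needs the sender's selector, which only a received message reveals.

```python
"""Assess a sender domain's SPF/DMARC posture before any whitelisting decision.

Added example (not the original post's code). DNS answers below are
constructed for hypothetical domains; a real check would query TXT records.
"""

# Constructed sample TXT records, keyed by the name a resolver would query.
SAMPLE_DNS_TXT = {
    "vendor-a.example": ["v=spf1 include:_spf.example.net -all"],
    "_dmarc.vendor-a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@vendor-a.example"],
    "vendor-b.example": [],                         # no SPF at all
    "_dmarc.vendor-b.example": [],                  # no DMARC at all
    "vendor-c.example": ["v=spf1 +all"],            # SPF that authorises every server on the internet
    "_dmarc.vendor-c.example": ["v=DMARC1; p=none"],
    "vendor-d.example": ["v=spf1 ip4:192.0.2.10 -all", "v=spf1 mx -all"],  # two SPF records
    "_dmarc.vendor-d.example": ["v=DMARC1; p=quarantine"],
}


def lookup_txt(name, dns=SAMPLE_DNS_TXT):
    """Stand-in for a DNS TXT query; returns the list of TXT strings for a name."""
    return dns.get(name, [])


def spf_findings(records):
    """Return a list of human-readable defects in a domain's SPF record(s)."""
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if not spf:
        return ["no SPF record"]
    if len(spf) > 1:
        # RFC 7208: more than one SPF record is a permanent error, so SPF never passes.
        return ["multiple SPF records (permerror: SPF cannot be evaluated)"]
    terms = [t.lower() for t in spf[0].split()[1:]]
    if not terms:
        return ["SPF record lists no mechanisms"]
    findings = []
    last = terms[-1]
    if last in ("+all", "all"):
        findings.append("SPF ends in +all: any server may send as this domain")
    elif last == "?all":
        findings.append("SPF ends in ?all (neutral): unlisted senders are neither passed nor failed")
    elif not last.endswith("all"):
        findings.append("SPF has no terminal 'all' mechanism: unlisted senders are not rejected")
    return findings


def dmarc_findings(records):
    """Return a list of human-readable defects in a domain's DMARC record."""
    dmarc = [r for r in records if r.upper().replace(" ", "").startswith("V=DMARC1")]
    if not dmarc:
        return ["no DMARC record"]
    tags = dict(kv.strip().split("=", 1) for kv in dmarc[0].split(";") if "=" in kv)
    policy = tags.get("p", "").strip().lower()
    if policy == "none":
        return ["DMARC p=none: impersonation is only reported, not blocked"]
    if policy not in ("quarantine", "reject"):
        return ["DMARC record has no valid policy tag"]
    return []


def assess(domain, dns=SAMPLE_DNS_TXT):
    """Combine SPF and DMARC findings for one domain."""
    findings = spf_findings(lookup_txt(domain, dns))
    findings += dmarc_findings(lookup_txt("_dmarc." + domain, dns))
    return {"domain": domain, "findings": findings, "posture_ok": not findings}


def assess_all(domains, dns=SAMPLE_DNS_TXT):
    """Assess several domains; returns a list of result dicts."""
    return [assess(d, dns) for d in domains]


if __name__ == "__main__":
    for result in assess_all(["vendor-a.example", "vendor-b.example",
                              "vendor-c.example", "vendor-d.example"]):
        status = "OK " if result["posture_ok"] else "BAD"
        print(f"{status} {result['domain']}: {'; '.join(result['findings']) or 'SPF and DMARC look sound'}")
```

A domain that comes back with findings is one a thief can impersonate, so whitelisting it hands the thief a scan bypass. A clean result does not change the post's advice either: whitelisting still disables the spam, malware and phishing scans for every message from that domain, which is the main reason to decline the request.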
IT giants (like Microsoft) regularly advise customers to use whitelisting. Microsoft supplies each user with a personal Safe Senders list. Some organisations will send a specific email asking you to add their domain and/or email address to your whitelist. Despite the size and clout of these organisations, we disagree with their insecure and irresponsible advice.
We advise that whitelisting be avoided and that Microsoft Safe Senders lists be deleted regularly.
We understand that following our advice may cause inconvenience. Each individual business owner must weigh the cost of inconvenience against the potential damage from a breach. We respect whatever decision they make for their business.