Email Policy

Written
June 11, 2020
Effective
April 7, 2020
a picture of an at sign against a pearl-gray backdrop by Online Printers, courtesy Unsplash A hallmark of email is that it's still decentralized and it's easy to use. This also makes it easy to exploit, as malicious actors write badware for the most-used platforms, taking advantage of those who do not secure their infrastructure. I take secure communication seriously, not because I have something to hide, but because I want to make sure that I can verify who I'm talking to. Everyone deserves to know that the person on the other end of the email conversation is who they say they are.
Unfortunately, that isn't always the case. Some email providers have made it easier to scam people by selling their data, which makes them prone to custom-tailored 'spear-phishing' attacks, which are more convincing because this information is being sold by the people claiming they protect it. I want to hammer this point home - if you're using a free email service, your content is not secure. You don't get to complain when you can't subscribe to a mailing list, and you don't get to complain when your sensitive information is in a breach. The companies are not liable for any financial pain or suffering you endure as a result. Check your terms of service for the "Indemnify" clause.
I use personal email because I have the ability to enact stronger email controls and punish mail servers that do not properly secure their infrastructure from malign use. As of the moment, my DMARC policy is configured to quarantine any message that fails SPF or DKIM authentication. To correct this mistake, ask your IT administrator to add those entries to the "Zone Record" for your domain. Otherwise I will continue to reject your mail and your business. It's your responsibility, not your users', to ensure that your email is delivered. Like my phone, if I made exceptions for you, I'd be vulnerable, too.
-
© 2020 Mass Transit Honchkrow