Why your phishing simulations land in spam (and the SPF / DKIM / DMARC fix that actually works)

DEV Community·David McHale·29 days ago
#security #devops #domain #dkim #dmarc #example

Every security awareness program eventually has the same conversation: "We sent the campaign yesterday. The dashboard says it went out. But nobody clicked, and three people on Slack are asking why they didn't get the test email." Then somebody opens their spam folder and finds the simulated phish sitting next to a Nigerian prince.

The campaign isn't broken. The deliverability is. I've spent enough time debugging this for HailBytes SAT customers that I can write the post-mortem from memory. Here it is.

The core problem

A phishing simulation is, by construction, an email designed to look suspicious. Modern mail providers (Microsoft 365, Google Workspace, Mimecast, Proofpoint) are trained on suspicious email and will quarantine it aggressively unless you give them strong signals to trust the sender.…
