Recently, AOL suffered two major security problems - the personal details (including their names, encrypted passwords and postal addresses) of many account holders were accessed by hackers, and then these details were then use to spew out vast amounts of spam from accounts hackers could break into.
As a result of these changes, providers of free email services (including Gmail, Outlook.com, Hotmail among others) have started tightening their email sending policies. In short, if you're using an email address that ends in @gmail.com, @outlook.com, @yahoo.com or another similar address with Accelo, you should change your details to use the email address of your company.
(If you're wondering why this change is necessary, we cover the details at the bottom of this post - warning though it gets a bit geeky).
To access your email address, hover your profile pic/avatar and then click Account.
From your profile, click Edit > Edit [your name] from the toolbar.
Update your email address (E.g. delete the @gmail.com address and insert your work email address)
Click Save from the bottom of the page.
After saving your user profile with a new address, you will receive an email from Accelo Support asking you to click on a link. This is to ensure that the email you entered in Accelo is indeed your email.
Once verified, you're all set!
While changing your email address to be your work email will be enough to get you out of immediate trouble, if you're able to, we recommend setting up an SPF record for your domain and to explicitly say that Accelo servers can send emails on your behalf. Of course you might need your IT or email administrator to do this.
We suggest checking Google’s advice about how to configure your SPF settings, and add the following to your existing SPF record:
If there are no other entries in that SPF record, the completed entry would look like this:
v=spf1 include:_spf.accelo.com ~all
SPF records are referred to in a couple of different ways depending on your hosts, with the most common terms being SPF Records and TXT Records. You can find more specific information on your domain provider's method for adding SPF records on Google's SPF guide. To test your domain's SPF record (and make sure you have Accelo included), use the helpful tool at MXToolbox.com.
To improve email deliverability, if your email account in Accelo continues to be one of the webmail service addresses, we're going to need to change the way your emails to clients appear.
In future, emails sent out from Accelo will appear differently to your recipients. They'll either have a different "from" address (such as firstname.lastname@example.org) or they'll have a section which says "sent via mail.accelo.com" - this is to ensure that the recipient email server doesn't think we're a spammer pretending to be Gmail. We'll make sure the "reply-to" address will be your own email address so any replies come to you like normal, but when someone gets an email from you it will have a slightly different presentation.
Two words - spam and spoof.
We all know what spam is, but spoofing isn't as well known. In tech circles, it means pretending to be someone you're not in the hope you can fool another system to trust you.
Unfortunately, when email was created, its original designers didn't foresee the twin problems of spam and spoof. Email is designed to work on a model where you trust everyone - to work, a receiving email server needs to accept connections from any other mail server on the internet. Spammers quickly worked this out, but if they send out millions of emails from email@example.com, mail server admins get wise and start blocking any emails from bluepillscam.com as a domain (and the mail servers that sent it).
To get around this, spammers then try and "pretend" to actually be sent from someone with more reputation - someone big, who already sends millions of emails, like Gmail or AOL or Hotmail, etc. They do this by spoofing - they're still a spammer using their own (or hijacked/hacked) mail servers to send out millions of spam emails, but they say their "from" address is firstname.lastname@example.org (for example). This is what is known as spoofing.
While this approach isn't new (I remember dealing with cunning spammers 15 years ago when I was first getting into web and email hosting), the method of trying to squash each spamming mailserver with a black-list is increasingly a losing war - there's too many compromised computers and mail servers out there. So, increasingly, big email services are taking the opposite approach - instead of blocking known bad actors, they're instead using policies to decide if an email is legitimate based on the from address.
The biggest email services have the most to gain with this approach because they're the ones that get spoofed the most. So, now emails sent with a "from" address as "@gmail.com", for example, will be rejected (or put into the spam folder) if they come from anywhere OTHER than Gmail's own mail servers.
When you send an email out from Accelo, we show the "from" address as your own user address. This ensures replies come directly to you, and it also means that your recipients get an email that looks just like you sent it from your own mail account. However, as more big mail providers implement policies which reject this type of approach, more of your emails will be marked as spam or not delivered at all. And this is obviously a very bad thing - which is why we're encouraging our users to use an email address at a domain they control, and ideally have them set up SPF records that explicitly say Accelo is a trusted sender.