26 February 2022
DTS will be rolling out an extra security feature Sender Policy Framework (SPF). The feature will be likely enabled this term.
SPF is an email-authentication standard used to prevent spammers from sending messages that appear to come from LSE’s domain (e.g.@lse.ac.uk). It also helps to ensure that emails are delivered correctly – without being delivered to a recipient's spam box.
The introduction of SPF will help tackle spoofing, where a hacker impersonates you or someone you know, because SPF authenticates your identity when you send an email. If you send an email from a domain which does not have a SPF record, the recipient’s mail server will not be able to confirm your identity, therefore your message may end up in Junk.
As an LSE staff or student the introduction of SPF may affect you in the following ways:
- Processes that use external mail service providers (Such as Mailchimp) will be impacted. DTS has already liaised with a several of the main users of these services to advise them how to make the necessary changes. For a list of external services who are trusted and verified for use please visit SPF guidance (lse.ac.uk), where you can also see other steps you will need to take.
- The increased security via SPF also means some LSE users who use external mail provider such as Hotmail to manage LSE emails, might no longer be able to do so. This reduces the risk of compromise of LSE data through the compromise of an external mail provider. We always advise that you send emails directly from your LSE email account using Microsoft Outlook.
Thank you for taking the time to read this article and for keeping up to date with LSE’s latest cyber security policies! Please do contact LSE Tech Support (lse.ac.uk) if you need more info!