With Email and Web Form submissions, customers may try to spoof email of other users to get access to their account and exploit it. Spoofed emails can cause serious problems and pose security risks. Authentication of the Email address is one of the ways to identify the rightful owner of the account before taking any actions on behalf of the users.
Helpshift allows Administrators and Agents to verify suspicious messages by using the ‘Detect potential spoofing’ feature.
This feature allows you to run the spoof detection mechanism for:
- Each new email issue that is created and is a potential spoof
- Every subsequent message for email, web issues and issues created manually and is a potential spoof
Before you enable the ‘Detect potential spoofing’ feature, make sure that you create a spoof tag in the Active tags area of your Dashboard. For ease in identification, name the tag something like ‘spoof’ or ‘potential-spoof’. To know more about tags, refer to How do I create and use tags? Also, you need to set up a Smart View for managing Spoof Issues. For setting up, refer to How do I create Smart Views?
To enable spoof detection from the Dashboard,
- Navigate to Settings > Support Settings > Email Support and then to ‘Detect potential spoofing’ section. You can enable or disable Admins/Agents access by turning the toggle on/off.
- Once you turn on the ‘Detect potential spoofing’ toggle, the following options appear:
- Show warning for potential spoofed messages in Issues Conversation
- Automatically tag Issues that have potential spoofed messages
By default, it checks the ‘Show warning for potential spoofed messages in Issues Conversation’ option.
- Now, select the ‘Automatically tag Issues that have potential spoofed messages’ option and search the suitable tag from the drop-down list which you have created earlier.
- Click Save.
- If an incoming message is tagged for potential spoofing, Helpshift will display a warning at each message level.
- Click the ‘Show Details’ option to view the following details of the Message Headers:
- From: Sender Email address
- Reply to: Receiver Email address
- SPF: It includes a value such as Pass or Fail
- DKIM: It includes a value such as Pass, Fail, or NA (DKIM header displays the value ‘NA’ only when there is no result due to the absence of DKIM signature for comparison or timeout while verifying the signature)
Note: The SPF and DKIM headers associated with an email are used to identify if a user is the rightful owner of the Email Address or not. Helpshift recommends you to contact the Technical Support team if there are too many false positives.
To learn more about Email Authentication mechanisms, refer to Sender Policy Framework and DomainKeys Identified Mail pages.