Qantas SPAM – or not? Learn more about email brand protection & deliverability….

There is nothing like a real life example with a Globally recognizable brand to help with the education process. This email failed to authenticate due to DMARC implementation and was marked as SPAM.

The positive for Qantas is that they have implemented DMARC for the prevention of Spoof & Phishing emails, therefore they have protected their customers and subscribers as best they can.

The negative is that this particular campaign is most likely legitimate but not all areas of the Qantas team are aware of how to ensure they are DMARC compliant. So rightfully Gmail has flagged this as SPAM.

What to look our for? In the image (right) is the email headers provided by Gmail (menu option, show original). For me knowing what to look i can tell that it’s most likely to be valid due to no “set reply-to address”and the SPF designates that the return path to Qantas.com is valid. The return path can be thought of as the mail originator.

The issue for this campaign that the return path domain (url): bounce.salesnews.qantas.com is different to the domain (url): qantas.com.au To achieve DMARC these must be the domain (sub domains depend on policy).

Both URL’s are owned by Qantas:

http://www.whois.com/whois/qantas.com.au

http://www.whois.com/whois/qantas.com

In Summary:

This email came from QANTAS but was flagged as SPAM by Gmail due to incorrect implementation and use of the core entries used to achieve DMARC compliance.