SECURITY: Maintaining HTTPS Security, Stopping Spoof Emails & GDPR Compliance


Yes, we know that this is a dull topic to cover in a blog post, and we would rather be creating new and interesting features for everyone or cutting our toenails instead. However, from time to time we do a sweep around with our clients to check on things like having HTTPS present (so people trust your site is secure) and that your email records are set up to stop spoof emails and increase deliverability, especially with large email providers like Gmail, Yahoo and others tightening up on email security in 2024.

In addition, businesses need to maintain their GDPR compliance, so if certain things have changed on your website then it needs a re-check.

So, we will be contacting you in the coming weeks with what's relevant to you and to book you in to have it sorted. There is a cost to do this but we will be keeping it as cheap as possible and quoting based on your individual needs.

So grab a cuppa and read on about the key areas that matter and learn some snazzy new phrases to throw around the office and impress people:

Managed SSL Certificate

A website needs an SSL certificate to make it secure, to ensure all the content on your web pages can be properly viewed by website visitors and, worst case, to stop them seeing a warning message saying the site is unsafe. You can check whether your site already has an SSL certificate by going to your website and making sure the address starts with "https://" in the browser address bar. Most sites have it, but a few still don't, so it's definitely worth making the move.

Whether you have an SSL certificate or not, it's worth having a scan of the website to identify any content / broken link issues that exist, and we can then fix them.

Stopping Spoof Emails & Reducing Bounces

The immediate term here is 'SPF' (Sender Policy Framework). It's a method to prevent spammers sending emails from your domain without your permission. Recipients believe those emails are authentic and get redirected to other sites that harvest their data and defraud them. SPF allows you to define which email servers are permitted to send emails on behalf of your domain. In addition, having SPF set up correctly stops emails bouncing from email services like Gmail, Yahoo and other large service providers. An SPF record therefore needs to be set up if not present, or amended where it does not appear correct (which may need us to talk to your IT/email provider).

Reaching The Next Level Of Email Security

Later in the year, we strongly recommend implementing something called 'DKIM' (DomainKeys Identified Mail), which helps ensure that the content of your emails remains trusted and unaltered during transit. It uses a digital signature linked to your domain to verify the email's source and integrity. We also recommend 'DMARC' (Domain-based Message Authentication, Reporting, and Conformance), which combines SPF and DKIM to provide a robust email authentication system. It allows domain owners to specify how email receivers should handle emails that don't pass SPF or DKIM checks.

To do that we recommend using Mailgun as the email service provider, which is built in to your website software and lets you send 5,000 emails for free each month. It also brings greater email deliverability rates plus individual email tracking, so you can check if somebody did or didn't receive an email when they ask. By the way, we could set this up now if preferred; otherwise more on that later in the year, and let's at least get SPF sorted.
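To show what "set up correctly" means for the SPF and DMARC records described above, here is an added example (not our own tooling or Mailgun's) that lints the TXT records for a domain. The function names `audit_spf` and `audit_dmarc` are hypothetical, the records are constructed samples, and the code assumes the TXT strings have already been looked up rather than querying DNS itself.

```python
# Added example: offline lint for SPF and DMARC TXT records.
# All records below are constructed samples, not real DNS data.
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists")  # cost a DNS lookup (RFC 7208)

def audit_spf(txt_records):
    """Return problems found in the TXT records published at the domain."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["multiple SPF records: receivers treat this as a permanent error"]
    problems, lookups, all_qualifier, has_redirect = [], 0, None, False
    for term in spf[0].lower().split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"  # default qualifier is "+"
        name = term.lstrip("+-~?")
        mech = name.split(":")[0].split("/")[0]
        has_redirect = has_redirect or name.startswith("redirect=")
        lookups += mech in LOOKUP_TERMS or name.startswith("redirect=")
        if mech == "all":
            all_qualifier = qualifier
    if all_qualifier == "+":
        problems.append("'+all' authorises every server to send as this domain")
    elif all_qualifier == "?" or (all_qualifier is None and not has_redirect):
        problems.append("no enforcing 'all': unlisted servers get a neutral result")
    if lookups > 10:  # nested includes add more; this is only a lower bound
        problems.append("more than 10 DNS lookups: receivers return a permanent error")
    return problems

def audit_dmarc(txt_records):
    """Return problems found in the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.strip().startswith("v=DMARC1")]
    if len(recs) != 1:
        return ["multiple DMARC records" if recs else "no DMARC record published"]
    pairs = (t.split("=", 1) for t in recs[0].split(";") if "=" in t)
    tags = {k.strip().lower(): v.strip() for k, v in pairs}
    problems = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        problems.append("missing or invalid p= policy tag")
    elif policy == "none":
        problems.append("p=none only monitors: failing mail is still delivered")
    if "rua" not in tags:
        problems.append("no rua= address: no aggregate reports will arrive")
    return problems

if __name__ == "__main__":
    print(audit_spf(["v=spf1 include:_spf.example.net ip4:192.0.2.10 +all"]))
    print(audit_dmarc(["v=DMARC1; p=none"]))
```

An empty list from either function means none of these particular mistakes were found; it does not confirm that the listed servers are the right ones for your domain.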

GDPR Review

GDPR came into place 6 years ago (yes, that long ago!). If you have made updates to your website since last checking it was up to date, such as adding scripts on pages (which you may not even remember doing, it was so long ago), installing pop-ups, adding extra analytics tracking or social media stuff, then we recommend undertaking a GDPR review, which includes re-checking scripts and cookies via a website scan and checking that your policies are in place. This is one of those things that nobody ever wants to revisit, but once it's done you feel like you've had a walk through a fresh Spring meadow.

Congratulations for reading this far. Medals will be sent out shortly. Or more likely you will receive a call or email from us to agree what needs to happen for your site. If you want to get ahead of everyone else then you can always call your Account Manager to discuss next steps.

 
