As mentioned by others, this is a common issue across all third-party email senders. If you think about it, what Cvent is trying to do is *exactly* what spammers try to do - send email from one place but claim to be sending it from someplace else. This is why this is such a challenging problem.
There are technologies which are slowly being adopted which can help, e.g., SPF and DKIM. SPF would allow your company to publish to the world that Cvent's email servers are authorized to send email "from" your company. DKIM would allow email sent from Cvent's servers to be digitally signed using a "signature" that is confirmed to belong to your company. Unfortunately, neither of these are used consistently by all ISPs and companies. Adding Cvent email servers to your company's list of approved email senders does introduce a small amount of risk (see
https://community.cvent.com/ideas/viewidea?IdeationKey=b2b4a07a-4b4c-4393-9b08-9221808f0647). Implementing DKIM would require Cvent to do some work (I
thought I previously read that Cvent would support DKIM, but I am no longer able to find that, so maybe I was mistaken or their stance has changed?).
I believe the
real solution is to actually have each customer's Cvent emails be sent from that customer's own email servers; in other words, Cvent-triggered emails don't
pretend to sent from their customer, they actually
are sent from their customer. This, however, would require Cvent to support the configurations to do this and it would require each customer's IT department to enable this behavior. However, I know this is possible because it is done with lots of other vendors who are hired to send email on behalf of our company.
I wonder what solutions others have come up with to solve or at least mitigate this issue?
------------------------------
David Hammond
------------------------------
Original Message:
Sent: 11-14-2019 10:47
From: Deborah Newton
Subject: Spoofing/Spam
I've opened a ticket on this but was wondering how to get around the fact that even though the emails are going out under my company's email address, they are being blocked as spoofing since they aren't coming from our actual email server, but via Cvent's. Is there any way around this?
#Flex-Creating/ManagingEvents
------------------------------
Deborah Newton
Administrative Director
AKFCF, Inc.
------------------------------