Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
No ratings

Email Authentication Protocols Usage/Support for AWS SES

DaanishJawed
Saviynt Employee
Saviynt Employee

on ‎10/30/2023 11:08 AM - edited on ‎11/01/2023 09:34 AM by Saviynt Employee

Description -

 

Saviynt provides email services using AWS SES for sending outbound emails. It supports both SPF as well as DKIM.
 
There are two ways to achieve DMARC (Domain-based Message Authentication, Reporting & Conformance) validation:
 
DomainKeys Identified Mail (DKIM)
  • DomainKeys Identified Mail (DKIM) is an email security standard designed to make sure that an email that claims to have come from a specific domain was indeed authorized by the owner of that domain. 
  • If customer is using an email address with @saviynt.com domain, we already have the needful done on our end to support DKIM.
  • If customer is using a custom domain of their own, we would add the domain <Customer domain name> on our end and provide the Publish DNS records from AWS to customer. The three CNAME records provided by Saviynt will then need to be published (added) to customer's DNS provider.

Sender Policy Framework (SPF) 

  • Sender Policy Framework (SPF) is an email validation standard that's designed to prevent email spoofing. Domain owners use SPF to tell email providers which servers are allowed to send email from their domains. To set up SPF, 
  • If customer is using an email address with @saviynt.com domain, we already have the needful done on our end to support SPF.
  • Saviynt will provide a TXT record to publish in the DNS configuration for <Customer domain name>  This record contains a list of the servers that customer would authorize to send email. When an email provider receives a message from the domain, it checks the DNS records in customer's domain to make sure that the email was sent from an authorized server.

 

NOTE - Please note that Saviynt does not offer AWS SES service as a default option for email. Customers are advised to utilize their own SMTP service because of following reasons:

  • Privacy and security - Emails may contain sensitive information such as usernames and passwords, and it is crucial for customers to have full control over them. They can ensure this by using their own service and implementing the necessary security measures.
  • Monitoring - customer manage their own email monitoring and can control type of emails that are sent by the solution.

 

 

 

Labels:
0 Kudos
Comments
nkashyap
New Contributor
New Contributor
‎11/09/2023 02:16 AM

Thanks, Daanish, for the update and required details on DMARC and DKIM.

I have updated client about the documented details and waiting for his response.

Thanks,

Navin

Version history
Last update:
‎11/01/2023 09:34 AM
Updated by:
Saviynt Employee
Contributors
Copyright © 2024 Khoros, LLC