News 12/13/2016 - Mail Rules Updated & Other Important Information

Discussion in 'TAG News' started by TAG Manager, Dec 13, 2016.

  1. TAG Manager

    TAG Management

    Aug 23, 2009
    Likes Received:
    Please read this message in full!

    Over the past few months, we have taken in reports from non-members that have reported spam email from our domains that wasn't sent by us. A few weeks ago, we enabled the DMARC protocol for additional mail protection where people are trying to impersonate our domain.

    As of last week, we have switched this protocol to 100% rejection after doing a few weeks of monitoring. This means that mail systems that respect the DMARC protocol in addition to SPF and DKIM protections, should be blocking all emails that claim to come from our domain but really aren't.

    As stated in the past, TAG requires a valid email address for membership but we absolutely DO NOT release, sell or otherwise disseminate your email address to ANYONE.

    The only valid emails being sent from TAG at this time are as follows:

    - *Mail from Management: Karen or Myself (Includes replies from Helpdesk requests)
    - *Registration Email - Confirmation of your valid email address.
    - *Email Address Changes - Confirmation of your email address when you change it,.
    - *Password Resets (Lost Passwords)
    - Two Factor Authentication - Two Types (Google and pin code via email on each login)
    - Private Message Notification - Default is ON, but can be disabled in your user control panel.
    - Watched Thread Notification - When you reply to a message, you have choice to 'Watch' that thread with or WITHOUT email notifications.
    - Watched Forum Notification - When you 'Watch' a forum, emails are sent to notify you of a new thread. (Again, you can choose email, alerts or none at all)
    - *Approval/Rejection Notices - Where applicable, you may receive a response via email for certain moderator approval/reject actions.

    If you receive any of the above messages, please do NOT mark them as Junk or Spam. Please disable email notification via your control panel. (Some critical messages cannot be stopped, marked with * above.)

    As of today and since the beginning, we DO NOT send out broadcast emails to all members. However, we will soon enable a weekly email (opt-in ONLY) that shows the top threads for each week for people that want to see the most popular content on a weekly basis.

    If you get any suspicious emails that claim to be from TAG, please notify us immediately. Contact us via the helpdesk email address ( or forward the offending message to There have been approximately 170-200 emails per week that were sent with forged headers or were not aligned with our security controls since we enabled the DMARC protocol.

    We take the management of email addresses very seriously, we appreciate your understanding.

    Current valid email addresses for TAG support: -- All automated mail comes from here. (non-human account) -- My direct email, only I read and answer this address. -- Karen's email address to handle account issues. -- Incoming mail only, no outgoing mail. - RFC 2142 Compliance Requirement (receive ONLY) - RFC 2142 Compliance Requirement (receive ONLY)

    These addresses (outbound ones) can be safely whitelisted.

    Aside from email management, we do collect stats via Google Analytics as well raw server log analytics that we do inhouse. We have Google tie-ins only for Analytics, 2FA and part of our business system is hosted with Google Suite. We will also improve email security with digital signatures in the not too distant future, more on that later.

    The purpose for data collection on TAG is to identify problems, determine how to improve our services and to monitor the overall data flow. We do collect visit data like all sites, which we use as performance metrics on a daily, weekly, monthly, quarterly and annual basis.

    All services operated by TAG are done so with service providers that have completed SOC1, SOC2 and/or SOC3 attestations. (As well as ISO270001) [About Each SOC Report, By AICPA] TAG itself has developed its own internal controls and given the size of our staff, we have very granular control over what happens and by whom.

    In closing, the overall point of this message to our members and guests is that we take TAG seriously and we aim to provide a high level of service and availability with the comfort in knowing that we are not just a skimpy operation that disregards industry standards in operation of an electronic information service.

    Thank you for reading and please let us know if you have any comments or questions.

    TAG Management

Share This Page