Suped

Who to contact about Tesla DMARC record issues?

11 Marketer opinions3 Expert opinions6 Technical articles4 Resources

Summary

When addressing DMARC record issues with Tesla, a multi-faceted approach is advised. Begin by checking Tesla's website for security contact information or a security.txt file. If unavailable, use abuse@tesla.com or postmaster@tesla.com. Utilize tools like Hunter.io to find IT personnel and connect via LinkedIn. Dmarcian, a DMARC service, can also be contacted. While tweeting Elon Musk was attempted, it's less reliable. As a last resort, consider social media escalation. Review Tesla's DMARC records for RUA/RUF tags, but note these aren't always monitored. Some suggest reporting through Microsoft's junk email reporting, though its direct impact on Tesla is unclear. Remember DMARC reporting can be complex and persistence is key. Initial verification using DMARC record checkers is recommended.

Key findings

  • Website First: Start by checking Tesla's website for dedicated security contacts, information or a security.txt file.
  • Security Emails: Try abuse@tesla.com or postmaster@tesla.com if a dedicated contact isn't found.
  • Leverage Tools: Use tools like Hunter.io or LinkedIn to identify and connect with relevant IT personnel.
  • Consider a 3rd Party: Dmarcian may be able to help.

Key considerations

  • Verification First: Verify DMARC record configuration before contacting anyone to ensure there is indeed an issue.
  • RUA/RUF Uncertainty: Don't rely solely on RUA/RUF tags in DMARC records, as they are not always monitored.
  • Persistence Matters: DMARC reporting can be complex; persistence and using multiple channels might be necessary.
  • Escalation Channels: Social media can be used for escalation, though the effectiveness of directly contacting high profile figures (eg. Elon Musk) can vary significantly.
  • Contact Info: Check WHOIS records for contact information.

What email marketers say
11Marketer opinions

When encountering DMARC record issues with Tesla, various approaches are recommended. Reaching out to Dmarcian, a DMARC service provider, is suggested. Direct communication with Tesla is encouraged via security@tesla.com, security contacts found on Tesla's website, or IT personnel located through LinkedIn or tools like Hunter.io. Checking for a security.txt file on Tesla's domain is also advised. Furthermore, Tesla's support email address or general contact forms can be used. Utilizing online DMARC record checkers to verify configurations before contacting Tesla's IT department is recommended.

Key opinions

  • Dmarcian Contact: Dmarcian is often a good first contact for DMARC issues.
  • Security Contacts: Look for specific security contacts at Tesla (security@tesla.com, security.txt, LinkedIn) before resorting to general channels.
  • Website Check: Always check the company's website for dedicated security information or contact forms.
  • Tool Utilization: Tools like Hunter.io can help identify relevant contact addresses.

Key considerations

  • Verification: Verify the DMARC configuration before reaching out to ensure accuracy.
  • LinkedIn: Leverage LinkedIn to find and connect with IT security personnel.
  • Escalation: If direct contacts fail, consider escalating via social media or broader support channels.
  • Response Time: Response times may vary, so use multiple channels simultaneously to increase the likelihood of a timely resolution.
Marketer view

Marketer from Email Geeks suggests reaching out to dmarcian to report the DMARC issue with Tesla.

August 2023 - Email Geeks
Marketer view

Email marketer from EmailGeeks Forum recommends trying to find the email security team through LinkedIn and sending a connection request with a message.

January 2022 - EmailGeeks Forum
Marketer view

Email marketer from Reddit suggests using the `security@tesla.com` email address for security-related issues like DMARC problems.

January 2025 - Reddit
Marketer view

Email marketer from Email Security Blog recommends using online DMARC record checkers to verify the configuration, then using the information found to contact Tesla's IT department.

July 2024 - Email Security Blog
Marketer view

Marketer from Email Geeks mentions that Dmarcian responded and will address the DMARC record issue with Tesla.

June 2022 - Email Geeks
Marketer view

Email marketer from Quora suggests contacting their support/help email address and reporting the issue

December 2023 - Quora
Marketer view

Email marketer from Email Deliverability Forum suggests looking for a security.txt file on Tesla's domain, which might contain contact information for security-related matters.

August 2023 - Email Deliverability Forum
Marketer view

Email marketer from LinkedIn suggests finding contacts in the IT security department on LinkedIn and contacting them directly about the issue

June 2021 - LinkedIn
Marketer view

Email marketer from StackExchange advises checking the company's website for a security contact or a general contact form where you can report the issue.

May 2024 - StackExchange
Marketer view

Email marketer from Email Marketing Tips Blog suggests using a tool like Hunter.io to find email addresses of IT or security personnel at Tesla.

February 2022 - Email Marketing Tips Blog
Marketer view

Marketer from Email Geeks mentions they sent a message via Slack to someone at dmarcian regarding the issue.

February 2022 - Email Geeks

What the experts say
3Expert opinions

When addressing DMARC record issues with Tesla, experts suggest a multi-faceted approach. One expert attempted direct communication by tweeting Elon Musk. However, more conventional methods include examining the organization's website for specific security contact information. If direct security contacts are unavailable, checking the WHOIS record or using a general contact form are recommended alternatives. Reporting DMARC authentication problems can be challenging, so starting with the company's website is advisable.

Key opinions

  • Website Contact: The organization's website is the primary starting point for finding contact information.
  • Security Contacts: Prioritize finding specific security contacts over general inquiries.
  • Alternative Contacts: If security contacts are unavailable, explore the WHOIS record or general contact forms.

Key considerations

  • Challenge: Reporting DMARC authentication problems can be difficult.
  • Direct Contact: While attempting direct contact with high-profile individuals like Elon Musk may be considered, its effectiveness is uncertain.
  • Persistence: Due to the complexity of reporting these issues, persistence and using multiple channels might be necessary.
Expert view

Expert from Spam Resource recommends to find contact information in the "whois" record for the domain, or on the organization's website, specifically looking for security contacts. If those are unavailable, try the general contact form.

May 2021 - Spam Resource
Expert view

Expert from Word to the Wise says reporting DMARC authentication problems is a challenge, but a good starting point is looking at the organization's website for contact information.

April 2021 - Word to the Wise
Expert view

Expert from Email Geeks says they tweeted Elon Musk about the DMARC record issue.

November 2022 - Email Geeks

What the documentation says
6Technical articles

When reporting DMARC issues to an organization like Tesla, documentation suggests a tiered approach. Initially, contact abuse@domain or postmaster@domain. If these are unresponsive, investigate the DMARC record itself for RUA or RUF tags, which might specify a reporting address, though these are not always actively monitored. As a next step, attempt to identify and contact IT staff. If these methods are unsuccessful, consider alternative channels, including general contact points or even escalation via social media platforms like Twitter or LinkedIn. In Microsoft's case, utilizing their 'report junk email' feature can flag potential issues internally.

Key findings

  • Abuse/Postmaster First: Start with abuse@domain or postmaster@domain for initial contact.
  • Check DMARC Record: Examine the DMARC record for RUA/RUF tags, but be aware these might not be monitored.
  • IT Staff Contact: If initial emails fail, attempt to identify and contact IT staff directly.

Key considerations

  • RUA/RUF Reliability: RUA/RUF tags might not always be monitored, so don't rely solely on them.
  • Social Media Escalation: Social media can be an escalation path if conventional methods fail, but effectiveness varies.
  • Microsoft Reporting: Microsoft provides a built-in reporting mechanism via the 'report junk email' feature.
Technical article

Documentation from DMARC.org explains the best method for notifying an organization of an issue is to send an email to their abuse or postmaster address. If these are non-existent then start looking for IT staff.

January 2022 - DMARC.org
Technical article

Documentation from RFC7489 (the DMARC specification) explains that the 'rua' tag in the DMARC record specifies an email address to which aggregate reports should be sent, but this isn't always monitored so try other means first.

December 2023 - RFC Editor
Technical article

Documentation from Google Workspace suggests the best contact points are either the RUA or RUF tags in the DMARC record if they are present, otherwise contacting the postmaster@ email.

August 2021 - Google Workspace
Technical article

Documentation from Valimail suggests that if initial attempts fail, escalating through social media channels like Twitter or LinkedIn might get the issue noticed.

July 2021 - Valimail
Technical article

Documentation from Proofpoint (formerly Agari) recommends attempting to contact the postmaster@domain or abuse@domain email addresses for reporting DMARC-related issues. If that fails use a general contact point.

January 2023 - Proofpoint
Technical article

Documentation from Microsoft suggests reporting the issue via their report junk email option. This may flag the issue with them internally.

September 2022 - Microsoft

Related resources
4Resources

Agent Tesla delivered by the same phishing campaign for over a ...
Agent Tesla delivered by the same phishing campaign for over a ...

Agent Tesla delivered by the same phishing campaign for over a year, Author: Jan Kopriva

SANS Internet Storm Center
No big deal: Switch your email provider, but keep your old domain ...
No big deal: Switch your email provider, but keep your old domain ...

I migrated my custom email domain to privacy-first email provider ProtonMail yesterday, and it was surprisingly straightforward.

Medium
Testing DNS records for errors. Validating DKIM, DMARC and SPF ...
Testing DNS records for errors. Validating DKIM, DMARC and SPF ...

Validating DKIM, DMARC and SPF records with external sites

Medium
How can i change DMARC verification settings to let specific email ...
How can i change DMARC verification settings to let specific email ...

About the email routing, I can’t recevied specific domain of email - contact@chingroup.uk. This error show up: "SPF status pass DMARC status pass DKIM status pass Rejected reason: Unknown error: permanent error (550): 5.7.509 Access denied, sending domain [CHINGROUP.UK] does not pass DMARC verification and has a DMARC policy of reject. How can i change the DMARC verification settings? let this email pass the DMARC verification.

Cloudflare Community

Related questions