I think this has been discussed in the past. As part of our overall security implementation we will be dropping outbound port 25 for non business customers and business customers dont have an email rserver on record with an appropriately configured SPF record.
I know which customers havent gotten with the times. The problem is how best to communicate with them. I am thinking its best to just drop it for a few hours at a time to drive support calls from those who notice it during that window periodically until we implement it permanently to limit a flood of support calls all at once. And maybe a notice on our website of what is going on. The issue I have is if we reach out in any way, directly, we circumvent all the antiphishing propaganda. If we email, then spoofed emails are trusted, if we email with a link, then they start trusting spoofed emails with links, same with our telephone number. If we reach out directly via telephone, well then they start paying IRS fines to John from india. anybody else implemented this and handled it responsibly? -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.