A few days ago I sent a GDPR request to some company to delete my personal data. They said to install their app and send a ticket from the app. The email was sent from the email address to which the account is registered. Is this even legal?

  • My Password Is 1234@lemmy.worldOP
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Anyway they should configure their systems to reject unsigned e-mails and providers that don’t have a proper SPF configuration. SPF (Sender Policy Framework) allows you to make sure that the message was sent by an approved server and was not forged by some hackur.

    • fatalError@lemmy.sdf.org
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      You’d be surprised how many legitimate email are sent with failed SPF. Even Microsoft sometimes doesn’t update their MX records and the SPF fails.