Understanding Domains - Comstat | Ruthin, North Wales

Configure SPF, rDNS, DKIM, and DMARC for email

by Steve Galloway | Jul 5, 2025 | Articles and help

Introduction

Sending and receiving email should be straightforward, but a lot of background checks happen before your organization’s email is delivered reliably and securely. Use this article to activate SPF, rDNS, DKIM, and DMARC to make sure your email reaches recipients, and protects your email server from crippling outcomes like dropped email and public blacklisting.

“Undeliverable”: What cost a lost email that you never know a recipient has not seen?

Click open the headers below to learn about email deiverability and “trust”. Please read through this entire article before starting to engage individual modifications to your email server. Changes you make are done so at your risk so be sure to contact us for general advice if you are in doubt. Support options are available for professional assistance. Click on images to view at full-sized resolution.

Why do these protocols matter?

If you do not put a postage stamp on a letter, it probably will not reach its destination, and without a return address you will certainly never know what happened to the letter.

Similarly, without SPF, rDNS, DKIM, and DMARC, email that you send will be erratic and unpredictable. This is because industry tools to assess “trust” are not operational. These protocols are like postage stamps. You may think “it has never been a problem before”. Partly this is because when email does not reach a recipient, you know you sent it but the recipient does not know it was supposed to be received.

Everyone has sent an email that has never reached its target. These protocols are why most failures happen, and in business communications…. it matters. The protocols we cover in this article enable your suppliers’ and customers’ email servers to “trust” your email and its “brand”.

“Postage stamps” for email

The one question we are posed by clients in 25 years of IT support more than anything else is the plaintive “why aren’t my emails getting through?”. Hopefully, it is only because of a badly spelled email address. Often, though, the answer is that outgoing email is not sending adequately “stamped” emails with “return addresses”.

Protecting your identity – “trust”

Protocols like SPF, rDNS, DKIM, and DMARC are email’s a little bit like postage stamps. When the bar code on a postage stamp is recognized as authentic, the envelope is sent to its destination. Similarly, protocols enable receiving email servers to measure and “trust” the authenticity of your communication. Put another way, these protocols protect your email from being measured as spam or malicious email.

Self serve guides for implementing email protocols

Your web server is optimised for delivering your web pages. If email is included in your package, we have made sure that an email server is enabled with necessary email tools. However, like flat-pack furniture, your email server is minimally configured and the protocols described here need to be aligned with your domain name.

These domain name modifications can only be manually configured by you or your agent. If we look after your domain name, we would configure these modifications within your ongoing support. If we do not have admin privileges for your domain name’s “zone record”, and you have elected against support, then you need to configure your domain name’s zone record.

If you do not have expert in-house IT skills, consider our DNS configuration service and ongoing support plans.

DNS Configuration – Professional support

DNS is awkward technology, even for IT pros. If you purchased your domain before you began using our servers and you want us to manage your domain name records for you, we can still administer your domain name records (DNS) annually for £75, including periodic updates as they are required. Use the PayPal QR code at the bottom of our home page for to send us payment, or contact us to arrange invoicing for our DNS service. This is included in optional support arrangements that you may already subscribe to.

DNS Configuration – self-service option

Use our “self-serve” guides linked below to implement SPF, rDNS, DKIM, and DMARC. There are a few ways to deal with these modifications, and it really depends on how your domain name, and your authoritative nameservers are configured. Read more about deciding where to manage your authoritative nameserver here. So these articles might not be exactly on point for your situations. Again, ask us for advice. Implement the protocols in the order listed:

Tips and tricks

some protocols may take up to 24-72 hours to resolve
read through each guide before starting
monitor email for a week or so before enabling the next protocol
do not make DNS modifications during heavy traffic/important projects
document what you do (e.g. screen shots) so that you have a note of “last known” working state

Bear in mind that changes made to domain names happen in real time, and errors can cause web site and email outages that could take up to 72 hours to restore. If in doubt, contact us first.

Summary

Email is vulnerable to malicious attacks that pose risks to your online identity, reputation, and hijack. Implementing SPF, rDNS, DKIM, and DMARC helps to ensure that your outgoing email reaches recipients.

Implementing these kinds of services is challenging without experience. If you do not have expert in-house IT skills, consider our email configuration service and ongoing support plans. We are glad to quote on request.

5 Best Calendar Booking Widgets for Sitejet Websites in 2025

by Steve Galloway | Aug 18, 2025 | Articles and help

Introduction

Calendar booking widgets are ideal for integrating with your Sitejet web site to allow customers, clients or patients to book appointments, reserve fixed-time slots, or buy tickets for events. Here, we explore widely used calendar booking widgets that work well with Sitejet. We will also explain how to embed calendar booking widgets easily—even if you are new to web design.

Click open the headers below to find out how more about expanding Sitejet Builder’s functionality with leading calendar booking widgets.

How to integrate your Calendar in Sitejet

Sitejet Builder makes it simple for you to add third-party calendar booking widgets, and for that matter any kind of widget, to your website. Here’s how:

Embed a calendar booking widget with a Sitejet element

Use Sitejet Builde’s HTML Element: In Sitejet’s editor, drag and drop the “HTML” element onto your page.
Paste the Embed Code: Copy the embed code from your chosen calendar tool and paste it into the HTML box.
Preview and Publish: Click “Preview” to see how it looks, then publish your site when ready.

Link your web page to a third party calendar host

Alternatively, you can link to an external booking page hosted by the calendar provider. This is useful if you prefer not to embed anything directly. If you do this, you may need to review the candar host’s terms and conditions to satisfy yourself that personal data is properly safeguarded for GDPR purposes.

1. Microsoft Bookings (For Microsoft 365 Users)

Microsoft 365 subscribers with 365 Business or Enterprise licenses can integrate Bookings into their existing Exchange calendars. This provides GDPR compliance “out-of-the box” that many other calendar solutions do not provide. If Bookings is included in your subscription, there really is not a lot of point considering other calendar booking widgets. This is because Bookings leverages Microsoft’s dominant Exchange platform and provides options for multiple calendars, services, and much much more.

Strengths

Seamless integration with Outlook and Teams
Customizable booking pages for individual staff or teams
Automatic email/SMS reminders (subject to geographical/license) to reduce no-shows
Excellent booking reliability per Exchange’s Enterprise-grade Activesync
Secure data storage within Microsoft 365

Weaknesses

Requires a Microsoft 365 subscription (Business Basic or higher)
Limited branding customization compared to other tools

Best For: Consultants, therapists, and solo practitioners. ComStat.uk uses Microsoft 365 Bookings to enable end users to book services – click here to view the page. This page is configured for servicing IT. Bookings can be flexibly configured within Microsoft 365 to suit industry sectors.

2. Calendly

Calendly is one of the world’s most wodely subscribed custom booking widgets. It is a leading scheduling platform with over 10 million users and a 21.45% market share, making it one of the most dominant tools in the appointment booking space. Its major features include seamless calendar integration (Google, Outlook, iCloud), automated reminders, timezone detection, and compatibility with over 100 apps like Zoom, Slack, and Salesforce. With 2.145 million paying customers and over 57,000 businesses using it globally, Calendly is especially popular among professionals and teams seeking a simple, user-friendly way to manage meetings and appointments.

Strengths:

Easy to use and set up
Integrates with Google, Outlook, and iCloud calendars
Supports payments via Stripe and PayPal
Offers automated reminders and timezone detection

Weaknesses:

Free version has limited customization
Branding options are restricted unless you upgrade

Best For: Consultants, therapists, and solo practitioners.

3. Common Ninja Calendar Widget

Common Ninja Calendar Widget is a flexible and visually appealing solution for displaying events on websites, catering to businesses, event organizers, and bloggers. It supports customizable designs, responsive layouts for mobile and desktop, and integration with popular calendar services like Google Calendar. Its ease of use and aesthetic focus make it ideal for users seeking a professional-looking event display without complex setup.

Strengths

Drag-and-drop HTML embed setup
No technical knowledge required
multiple skins, color options, and layout views
add images and media to calendar entries

Weaknesses

No built-In booking or Payment System
Best suited for basic booking needs
Intended for event display, does not handle bookings natively

Best For: no-code deployment of visually impactful event showcasing

4. Google Calendar

Google Calendar can accept bookings from guest users, including those who do not have a Google account, through its Appointment Schedules feature. This makes Google Calendar a viable option for professionals and clinics who want to offer easy, no-login-required appointment booking. However, most people use Google Calendar in it consumer “free-to-use” offering, which poses risks for data protection. Also, Google does not provide any Service Level Agreement in its consumer product, so this should be considered carefully in cases where data is sensitive and critical.

5. Elfsight Appointment booking widget

Elfsight Appointment Booking is a popular resource for all kinds of website widgets. Indeed, Wix and Shopify users are no strangers to Elfsight’s widget library, including their flexible appointment and even calendars for small businesses, clinics, and service providers to streamline online appointment scheduling. The scheduler offers customizable calendar booking widgets with service descriptions, pricing, durations, and availability settings, along with automated email confirmations and Google Calendar integration to prevent double bookings. Trusted by over 2 million users, it is ideal for those seeking a professional, branded booking experience without needing technical expertise.

Strengths

Easy Integration with Sitejet
Google Calendar Sync
Customizable and Professional Design

Weaknesses

No Built-In Payment Processing
Basic Rescheduling, advanced workflow and Confirmation procedure

Best for: not-for-profit organizations or social networking

Summary

Choosing the right calendar widget depends on your needs, budget, and technical comfort level. For Microsoft 365 users, Microsoft Bookings is a natural fit. If you’re in healthcare, Carepatron (not listed here) offers a robust free solution beyond the scope of bookings. Common Ninja Calendar Widget is ideal for publiscising events. For general use, Calendly and Google Calendar are reliable and widely adopted.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Move a Sitejet website from a subdirectory to the root in cPanel

by Steve Galloway | Aug 16, 2025 | Articles and help

Move your website without losing anything

When you have built your Sitejet website in a subdirectory of the public_html folder on a virtual server managed by cPanel, the next stage is to move the website to the root directory of your public_html directory. Developers and novice IT users build websites this way to keep their live site untouched during development of their new content. Now you are ready to go live, it is time to move your Sitejet website to your web server’s root directory — and possibly replace an existing WordPress or other site.

This guide walks you through the process step-by-step, including how to back up your Sitejet website content, avoid common pitfalls, and enjoy a smooth transition.

Click open the headers below to find out how to publish your Sitejet website in your root directory.

Step 1: Backup your Sitejet website first

Before making any changes to your web site location, back up your Sitejet website using Sitejet’s built-in tools first. This is crucial in case something goes wrong during the move.

To back up your Sitejet site:

Log into your Sitejet dashboard.
Navigate to the project you want to back up.
Use the Export or Backup feature to download your site files.
Save the backup locally or to cloud storage.

This ensures you have a full copy of your site, including HTML, CSS, JS, and media files.

Step 2: Prepare your web server's root directory

Your Sitejet site will replace the current contents of the root directory (public_html). If there’s an existing WordPress or other site, you’ll need to:

Backup your existing website using cPanel’s File Manager or your WordPress backup plugin if you use one.
Delete or rename the current index.php or index.html file to avoid conflicts.
Check for hidden files like .htaccess that might affect redirects or permissions.

You could rename a file like index.php or index.html to “index-old.php” or “index-old.html”. This way you can always the change the file name back to its original name to restore the file if you need to. Also, when checking for hidden files, it is a good idea to edit File Manager settings to “hide” files again. System files that have global significance to your web site are often hidden to prevent accidental delation during daily management.

Step 3: Move Sitejet files to your root directory

Understand Sitejet’s File Structure and Editing Model

When you publish a Sitejet website to a subdirectory (e.g., public_html/sitejet), Sitejet manages your website files there and allows you to edit content using Sitejet builder.

You could manually move your Sitejet files to the root (public_html) directory. If you do this, however, The pages will be rendered as static pages. When this happens, Sitejet will no longer recognize or manage those pages. There are some reasons why you might want to do this. However, it is likely that you would want to continue to edit and develop your website. Therefore, you can move the website to root and continue to edit it by changing the “publish path” in Sitejet Builder.

Change the Publish Path in Sitejet

In case you have not completed Step 2 above, be sure that you have done these things if you have an existing web site in root first:

Back up any existing site (e.g., WordPress) using cPanel File Manger > Backup or a WordPress plugin.
Remove or rename conflicting files like index.php, index.html, or .htaccess.
Ensure the root directory is clean to avoid file conflicts.

This helps Sitejet publish cleanly and ensures your domain loads the correct content.

After making sure you have backed up any existing website in your root directory, this is how to relocate your website to your web server’s root directory so that you can continue to edit the website with Sitejet:

Log into Sitejet and open your project.
Go to Project Settings > Publishing.
Change the publish path from /sitejet (or your current subdirectory) to /public_html or simply / depending on how Sitejet references the root.
Save the changes
Publish the website.

This way, Sitejet will deploy your website directly to the root directory, replacing any existing content there.

Step 4: Test and Confirm

Once you have published your web site to its new location in Sitejet Builder:

Visit your domain (e.g., yourdomain.com) to confirm the Sitejet site is live.
Log into Sitejet and verify you can still edit the site.
Check for broken links or missing assets — especially if your site previously referenced the subdirectory.

Final notes:

Do not manually move files from the subdirectory to the root if you want to keep editing access.
Always use Sitejet’s publishing tools to relocate the site
If you’re unsure about the correct publish path, Sitejet support can help confirm it based on your server setup.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Create a Microsoft 365 Exchange Online connector

by Steve Galloway | Aug 15, 2025 | Articles and help

Configuring Microsoft 365 Connector for Web Server Email Relay

Use this summary to successfully configure a Microsoft 365 Exchange Online connector to relay email from a cPanel web server.

Some web server applications might not be equipped to connect to Microsoft 365 to relay email from your web server If you use Multifactor Authentication (MFA) to login to your email and 365 services.

Instead, an Exchange Online connector recognizes your web server as a legitimate mail server within your Micrsosoft 365 email environment. This means that a properly configured Exchange online connector relays email via Microsoft 365 to recipients without having to deal with MFA.

This article shows you how to configure an Exchange Online connector in Microsoft 365 to accept incoming traffic from your web server on port 25 using TLS. This assumes that your web server application, such as Clientexec, is:

properly configured to send email using SMTP on port 25.
your web server’s email routing configuration is established for “remote mailer”.

Click open the headers below to find out more about how you can properly configure your Microsoft Exchange connector on your server.

1. Verify proper admin privileges in 365

Before you create an Exchange online connector, make sure your Microsoft 365 admin account has the correct permissions, even if you are already a Global Administrator:

Go to Microsoft 365 Admin Center > Roles > Admin Roles
Assign your account, or the user you want to authorize to <Organization Management> if not already enabled

To add your user account to Organization Management role, click open Organization Management and add your user account. If you belong to a group, you can add that group to this role too.

This role is required to access and configure TLS settings in connectors. Without this role, TLS options may be hidden even in the new Exchange Admin Center.

2. Access the New Exchange Admin Center

Use the Microsoft 365’s modern interface to create and edit an Exchange Online connector:

Go to URL: https://admin.exchange.microsoft.com
Navigate to Mail Flow > Connectors

Note: be sure you are logged in to the new Exchange Admin Center. The legacy admin center will not support the options you need. Log into the new Exchange admin centre for managing roles and mailflow > connectors. You can tell by checking that the path in your browser navigation bar includes the link above.

3. Create a New Connector

Use these settings:

From: Partner organization
To: Microsoft 365
Purpose: Accept email from your web server

Important configuration steps:

Connector Type: Must be set to Partner (not Internal)
Sender IP Address: Add your web server’s public IP address
TLS settings:
- Require TLS: Must be checked
- Require that the subject name of the certificate matches this domain name: Must be checked
- the domain name you enter must also be registered in your Microsoft 365 tenancy.

If you do not see these TLS preferences, you either have insufficient privileges, or you have chosen the wrong type of connector

The last preference enforces certificate validation during an SMTP handshake

4. Testing the Connector from the Web Server

Verify DNS and SMTP Connectivity

On your web server, use teh Linux “dig command to confirm mailflow routing using SSH or cPanel’s terminal. This demonstrates that by showing a Microsoft IP address in output, the outgoing message is not intercepted by Exim or other processes on your web server.

# Check MX records
dig “yourdomainname.com” MX

Use openSSL to confirm TLS handshake with SMTP server with SSH or terminal. You may need to llok up your mailhost in 365. Usually it looks like “yourdomainname-com” rather than “yourdomainname.com”

openssl s_client -starttls smtp -connect “yourmailhost”.mail.protection.outlook.com:25

Send a test email via PHP using a script like:

$to = “insert valid 365 email address”;
$subject = “Test Email from Web Server”;
$message = “This is a test message.”;
$headers = “From: insert email address”;

if (mail($to, $subject, $message, $headers)) {
echo “Email sent successfully.”;
} else {
echo “Email sending failed.”;
}

Use different From: and To: addresses to avoid spoofing or loopback issues. Also, this can be saved as a script, uploaded to public_html on your web server, and run via a browser by pointing yout browser to the php file you have saved. Delete the file after testing.

5. Verify Connector Status with PowerShell

.Use Windows PowerShell 5.1 with the Exchange Online Management Module. Powershell 7.x does not currently carry the inventory of commandlets used for Exchange Online that v5.1 supports. If you are not familiar with Powershell, find help on checking and enabling “ExecutionPolicy” to enable scripts to run. Also, you may need to install a module called Connect-ExchangeOnline.

# Connect with MFA
Connect-ExchangeOnline -UserPrincipalName youradmin@yourdomain.com
# List connectors
Get-InboundConnector | Format-Table Name, ConnectorType, Enabled, RequireTLS, TlsSenderCertificateName
# Detailed view
Get-InboundConnector -Identity “YourConnectorName” | FL Name, ConnectorType, Enabled, RequireTLS, TlsSenderCertificateName, SenderDomains

6. Understand Sent Items Behavior

Emails sent via the connector:

Do not appear in Sent Items of the mailbox listed in the From: field
Are treated as externally relayed messages, not user-initiated

Summary

Microsoft 365 connectors are powerful but require

properly configured 365 admin roles
TLS enforcement
Correct connector type and IP configuration
Careful testing from the sending server

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Email Management in cPanel: Save Space, Cut Costs, and Go Green

by Steve Galloway | Aug 13, 2025 | Articles and help

Introduction

Managing your ageing email is about more than keeping your inbox tidy — it is also about saving money and reducing your environmental impact. With a few simple habits and smart settings, you can keep your email system running smoothly while helping datacenters use less energy.

Click open the headers below to find out how you and your staff can control email storage at a user level.

Why Email Storage Matters

Every email stored on a server uses energy. Whether it is a short message or a large attachment, it takes power to keep that data alive. Multiply that by millions of users, and the energy cost becomes significant.

Storage means power consumption

Datacenters consume a growing share of global electricity use. For instance, according to a 2024 report by the U.S. Department of Energy (DOE), US datacenters are expected to reach up to 12% of the national power supply by 2028 in the United States. Datacenter power consumptions is predicted to increase similarly in developed nations.

Best Practices for Managing Mailboxes

To keep your email system efficient, you and your staff can follow these tips:

Set sensible quotas: Assign mailbox limits between 500MB and 2GB for regular users. Heavy users may need more, but limits help prevent overload.
Monitor usage: Use cPanel’s “Disk Usage” tool to track mailbox sizes and spot accounts that need cleanup.
Clean regularly: Delete old messages, empty spam and trash folders, and remove large attachments.
Use filters and forwarders: Set up rules to manage incoming mail and forward messages to reduce clutter.
Send links: sending links to files in OneDrive, Dropbox, and Google Drive avoids file duplication, reduces mailbox size, and relieves network congestion.

User-level vs organizational level management

These tips above are aimed at user level management. GDPR-compliant businesses use archiving and “rules-based” policies to control email storage. Also, GDPR-compliant businesses exercise controls to prevent indiscriminate or malicious email deletion. So, even if you are a small organization, you should have a written policy to set out management procedures.

Email archiving

Microsoft 365 excels at archiving an rules-based managment and it is the email service of choice for “mailflow”, archving, and advanced functions like litigation locks. cPanel web servers can still achieve good housekeeping results. Admins can manage email accounts centrally. Also, users can:

Manually move old emails to archive folders.
Use an email client like Outlook or Thunderbird to automate archiving.
Admins and ComStat.uk can provide custom scripts or cron jobs to archive or delete old emails based on age.

If you are a cPanel web server admin, you can refer to this article for more information about your cPanel email service.

Small Habits, Big Impact

Individual users can make a real difference by:

Unsubscribing from unwanted newsletters and mailing lists.
Monitoring spam and deleting it promptly.
Avoiding digital hoarding—don’t keep every email forever.

Regular attention like this reduce the load on servers, cuts energy use, and helps data centers operate more sustainably.

Summary

Managing email storage is more than just good housekeeping — it is a step toward better performance, lower costs, and a greener internet. In reality, cleaning up your email might not save that much energy. However, if you left all your snail mail on the kitchen table for 15 or 20 years, you would have a mess to sort out. By setting limits, cleaning mailboxes regularly, and adopting smart habits, you can do your part to keep your inbox—and the planet—healthy.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Schedule your social media posts with Social Bee

by Steve Galloway | Aug 12, 2025 | Articles and help

Automate your social media management

Social Bee, available via your web server’s cPanel dashboard, helps you post your social messages at scale across platforms like Facebook, Instagram, Linkedin, YouTube and more to save save time and improve your brand’s online presence.

Click open the headers below to find out more about how you can reduce overheads with Social Bee to schedule and post your content across multiple platforms.

What Is Social Bee?

Social Bee is a social media management tool. It lets you schedule posts, manage content, and track performance—all from one place. If your business uses Facebook, LinkedIn, Twitter, or Instagram, Social Bee helps you stay active without logging into each site to manually organise posts.

You do not need to be tech-savvy to use tools like this. Social Bee works directly from your cPanel dashboard. That means no extra software, no complicated setup, and no need for IT support. Instead, you can manage social media messaging with Social Bee to automate posts on social platforms like:

Facebook
Instagram
Threads
X
LinkedIn
Pinterest
TikTok
YouTube
Google Business Profile
Bluesky

Why Use Social Bee?

Social Bee is available as a standalone subscription. However, by integrating the platform through your cPanel web hosting portal, you can:

Share content on multiple networks at once
Schedule posts in advance
Re-use “evergreen” posts to keep your feed fresh
See what works and improve your strategy with analytics

These features help you maintain a consistent online presence. This is important for building trust and attracting customers.

Easy Access via cPanel

Social Bee is already available through your web server’s cPanel dashboard, which is the control panel you use to manage your web hosting. Navigate to <Domains>, click on Social Media Management, and set up your account. After setting up your Social Bee account, log in to your server’s cPanel dashboard, navigate to <Domains>, click on Social Media Management, and start posting.

Social Bee is integrated with your cPanel web server dashboard.

Summary

Social Bee is a smart choice for busy business owners. It saves time, boosts your social media reach, and improves your content quality. Best of all, it is easy to use—even if you are not an IT expert.

Ready to simplify your social media? Try Social Bee today through your cPanel dashboard.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

2025 Email Security Guide for Business Owners: Avoiding Scams and Attacks

by Steve Galloway | Aug 8, 2025 | Articles and help

The Hidden Dangers of Business Email in 2025

Email remains a vital tool for business communication. But in 2025, it’s also a growing target for cybercriminals. From phishing scams to AI-powered fraud, threats are evolving fast. Let’s explore what business users need to watch out for—and how to stay safe.

Click on the headers below to find out more about email Inbox threats. Click on inmages to view at full-sized resolution.

Phishing Scams: Smarter, Sharper, and More Targeted

Phishing is no longer about mass emails with poor grammar. Today’s scams are precise and convincing. Attackers use generative AI to craft messages that mimic real people and companies according to Threatlabz. These emails often target HR, finance, and payroll teams—where sensitive data and money flow.

The only way to tell that this evidently legitimate email from Microsoft is a hoax was to hover over the “verify payment information” link to see that the link was not a valid Microsoft end point.

Key tactics include:

Voice phishing (vishing): Scammers impersonate IT support over the phone.
CAPTCHA-protected phishing sites: These look legitimate and bypass basic security.
Crypto wallet scams: Fake alerts trick users into giving up credentials.

Threatlabz goes on to say that even education sectors are under attack, with phishing up 224% in 2024. The goal? Steal data, money, or access to systems.

AI-Powered Fraud: A New Era of Deception

AI is changing the game. It helps scammers build fake websites, clone voices, and create deepfake videos [2]. These tools make fraud faster and harder to detect.

Common scams include:

• Fake job offers: AI-generated listings lure applicants into sharing personal info.
• E-commerce fraud: Entire storefronts are built with fake reviews and products.
• Tech support scams: Attackers pose as IT staff to gain remote access.

Microsoft reports that AI tools are being used to scan the web for company data. This helps attackers create highly personalized lures.

Summary

Customizing folder colours is a great way to help you and others find content easily, especially in large folder lists. Remember, you can also “favourite” a folder to help find your content faster.

Changing a folder’s colour in OneDrive will only be visible to you.

Changing a folder’s colour in Sharepoint will be visible to users who you share it to.

Since Teams stores folders and files in Sharepoint, Teams administrators can change folder colours by opening a Teams’ file library using <View in Sharepoint>.

Lastly, Sharepoint’s broader capabilities means that advanced users can automate folder properties including folder colours.

Business Email Compromise (BEC): The Silent Threat

BEC attacks are rising. These scams involve impersonating executives to request wire transfers or sensitive data according to Socium. AI helps attackers mimic writing styles and internal workflows.

Watch out for:

Lookalike domains: Slight changes in email addresses trick employees.
Predictive phishing: AI analyzes past emails to time attacks perfectly.
Urgent requests: Messages often pressure staff to act fast without thinking.

BEC is costly and hard to detect. It’s one of the most damaging threats facing businesses today.

How to Stay Protected

Cyber threats are evolving, but so are defenses. Here’s how to stay ahead:

Use multi-factor authentication (MFA) across all platforms.
Train employees regularly with phishing simulations.
Deploy AI-powered email filters to catch suspicious content.
Secure mobile devices against smishing and app-based attacks.
Consider enhanced security like Conditional Access, which limits access to approved devices.

Zero Trust principles and advanced threat detection tools are key. They help limit damage even if an account is compromised.

Summary

Email threats in 2025 are smarter and more dangerous than ever. AI is helping attackers craft believable scams that bypass traditional defenses. But with awareness, training, and the right tools, businesses can fight back.

It is difficult to explain the catastrophinc effect that a professional hack on a business has. Even with resources that companies like Marks & Spencer have, a well executed hack brings enormous costs and losses to bear. Worryingly, high profile hacks are only the tip of the iceberg – small business statistically bear the brunt of hacks than any other business class. Nor is it business that any IT professional wants to have to take one. Usually, this is because it was avoisdable in the first place. Talk to us first.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including web design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Safeguard your .uk domain names – Nominet

by Steve Galloway | Aug 4, 2025 | Articles and help

Register an account with Nominet

Your domain name is a critically important part of your online services and your business identity. Your domain name is how customers find and trust you online. It is the jigsaw piece that has to work every time someone needs to see your website or send you an email. So, your domain name is strategically vital to your visibility and daily operations.

Click on the headers below to learn how to use a Nominet account to tighten control of your .uk domain names. Or, skip the sermon, and access Nominet Online Services here.

Contact us for help.

Compliance

UK businesses like yours are responsible for protecting personal data under statutory GDPR provisions. If your domain name is registered through a third party (like a web designer or IT supplier), and you do not have direct access to your domain name’s control panel, you do not know that your registration details are accurate. For instance, when you bought a domain name, were you even thinking about legal title? This can lead to compliance issues.

Ownership versus administrative control

There are good reasons why owners do not have daily access to their domain name. Domain names are like phone books which direct traffic to the services you need to operate. For instance, email might operate from Microsoft 365, and your web site operates from a server based at Canary Wharf, London. Your domain name controls all of your online services, and inadvertant edits to your records could catastrophically disrupt your services. Even a missing period or full stop could take your IT services down. So, unless you are expert in one of IT’s trickiest technologies – DNS – you need to rely on someone who is.

This is why, as businesses grow, owners delegate administrative conduct of their domain names to one or more IT professionals. In this situation, the owner stil owns their domain name, but an IT expert can manage the domain name from their own registry agencies. In a way. This allows for rapid intervention in the even of outages or equipment or datacenter failures.

Most owners give administrative custody to consultants at Registrar level, but do not secure their overriding rights at Nominet. This is a critical risk.

However you manage or delegate your domain name, you need a back door so that you have a trump card to change your admin, or transfer the domain name to another registrar. It is not really a matter of trust. An IT supplier might fail. A malicious hacker might gain access to your domain name with the intention of holding you to ransom. It is a matter of security, and therefore GDPR.

Nominet provides independant access to owners

Nominet is the not-for profit organistation which governs the operation of .uk domain names – about 10 million domain names at time of writing. You can buy directly through Nominet, however Nominet prefers to delegate daily conduct of new registrations, transfers and renewals to registrars like GoDaddy, TuCows, Enom, OpenSRS, Joker.com and many more. You probably have not heard much about Nominet and that is a tribute to its well regarded behind-the-scenes operations worldwide.

You probably had an email from Nominet when you bought your domain name asking you for some information. In most cases, we find that this email is ignored. Partly, this is because you might not know who Nominet is. Partly, this is because the domain name bears such an insignificant cost, the effort to seal loopholes seems pointless.

Access Nominet Online Services here.

Protect Your IT assets

Take advantage of ownership privileges

Registering an account at Nominet helps you clarify legal title and other information that might not have been properly recorded at point-of-sale. For instance, Nominet might list you as owner because you had to use your name and address to get a credit card to work. However, the domain name should really be the property of a limited company. Owner information is legally binding, so seemingly small details at point of sale can cause problematic and costly issues at law in future.

Also, although you might need to delegate daily management of your domain names to an IT expert (unless you have a professional IT department), you can still exercise control as owner via your Nominet account. If you do have this kind of control, then your IT experts can transfer your domain name to other registrars who might provide better tools for DNS features that you need. Or, if someone hacks your registrar account and hijacks your domain name, you can resort to Nominet to recover control.

This security is overlooked to a worrying degree. Even organizations that puport to be fastidious about IT policy and GDPR rarely act to secure the one IT asset which can cause catastrophic damage to all online services instantly if compromised.

Nominet Online Services

Nominet has a facility that protects your global ownership for .uk domain names – Nominet Online Services.

Nominet’s online portal allows you to associate domain names that you own with your Nominet account which provides a haven of last resort in situations where a supplier fails, or a malicious entity attempts to hijack ownership of the domain, or other force majeur problems happen.

By associating your domain name with your own Nominet account, you can manage your data directly and ensure it is handled in line with GDPR requirements. Really, GDPR is not about penal legislation. Rather, GDPR is a framework to help you document what is common sense in the first place.

This kind of control is essential for business continuity and peace of mind. Access Nominet Online Services here.

Link Your Domain to Your Nominet Account

Take Action

If you own a .UK domain name, you can associate it with your Nominet account. This gives you full control over your domain and ensures you are protected. Access Nominet Online Services here. This service only operates for .uk domain names, so you could not include a .com domain name in your Nominet protfolio. .com and other domains use other tools to “harden” ownership, and we can give you advice about this if you need to follow this up.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including web design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Adding background images with Sitejet

by Steve Galloway | Aug 4, 2025 | Articles and help

Background images in web pages

This note briefly describes how to use background images with Sitejet. Bcckground images are difficult for a few reasons. The biggest problem is rendering an image, or a repetition of an image as a “tiles” so that it appears consistently on large screens, laptops, tablets, and mobile devices. For background images, consider using expert help.

In this example, a website owner uses a semi-transparent section to overlay a background image.

Click on the headers below to learn more about managing background images using Sitejet Builder’s “no-code” option.

Where does the image belong?

A web page is not like a sheet of A4 paper – unless we specify an area in which to contain our content, a web page has limitless dimensions. So, the first issue to decide is where does an image belong?

Web site layout elements

Conventionally, a web page has a global element called a CONTAINER. Within a container there can be one or more SECTIONS, which in turn can have one or more MODULES.

Background images can be inserted in any of these elements. A background image can fill an entire container, or it can fill an element as finite as a row within a module. An image can fill any element in between. An image could include a simple solid fill colour like light grey to distinguish between alternate rows.

How big should the image be?

Image dimensions

Unfortunately, what works for one web site may be disastrous elsewhere, and image content itself can become a problem. You may have to crop or scale an image after seeing what it looks like when you insert the image into a background.

The best starting point is an image that measures 1920w x 1080h. This will usually resolve satisifactorily for desktop/laptops. However, background images need to be sized differently for tablet and mobile, so you may need 2 or 3 images which can be called upon to suit viewers’ devices. However, this is not an absolute rule. Headers (especially) and sections/rows may require a sizizing compromise to work efficiently with a page layout.

File size and type

Files should be no more than 500KB. For home use, file size is not critical, however mobile users may experience slow page loads in areas where mobile coverage is minimal, and those who carry minimum data limits are more susceptible to possible service drop-outs as they reach monthly targets.

webp may be desirable file formate for images that tend to err towards large file sizes. jog/jpeg is a standard file format for static images, and png is used for images where image transparency or other effects are required.

Image Considerations

How the image is programmed depends on a few factors. For instance, you may want a static image that “covers” the container area. A background image can be anchored to text as you scroll, but it can remain static so that text moves as you scroll. Also, a background image may need to have some opacity – i.e. fading so that textual content is clearly legible. This can be handled by your desktop graphics software before you add the picture to your web site image library. Or a background image can be managed by introducting “opacity” or “transparency” in html coding on your web site dashboard. This can make an image look like a watermark when heavily applied. If you are using a pattern, it would be possibe to use a small square or rectangular image which your web server replicates across a container area.

Embedding background image using Sitejet dashboard

This workflow is for a situation where an image is to be applied to a website page “container”. The options are available at section and module levels.

1. Select the Container: Click on the container you want to edit.

2. Open the Style Settings: In the right-hand panel, go to the “Style” tab.

3. Background Settings:
• Scroll to the Background section.
• Choose “Image” as the background type.
• Click to upload or select an image from your media library.

4. Adjust Display Options:
• Set background size (e.g., cover, contain).
• Choose position (e.g., center, top-left).
• Set repeat options if needed.
• Optionally, add a background overlay for contrast.

Options like “cover”, “contain” and placement all have drastic effects on rendering and may need individual configuration for tablet and mobile view.

Summary

Background colours, like a light grey or light blue solid colour, are effective and easily implented. Background images can be visually appealing, but are awkward to render and are probably better reserved for expert intervention unles you are prepared to spend a lot of time configuring layout settings. You can use Sitjet’s “no-code” approach to configure background images at container level, and the principle applies to section and module elements. Advanced effects may require using the HTML authoring tool in sitejet to configure xHTML features.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including web design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

How to configure DNS for a contact form

by Steve Galloway | Jul 22, 2025 | Articles and help

Integrating contact forms with an external email service

This guide walks you through modifications you need to make to your domain name’s DNS zone record so that your contact form mail can reliably connect to your external email service, like Microsoft 365 or another email supplier.

This article is written for web designers who know websites but may not be as familiar with DNS.

Click on the headers below to find out how to modify DNS records and other steps in the order shown. Click on images to view at full-sized resolution.

1. Why?

One of the biggest reasons spam happens is because a hacker can purport to be you by sending email using your email address from email servers that you do not control. This means end users have to constantly combat rogue email, and email services have to make educated guesses about what is good email before passing it to your Inbox.

These modifications to SPF, rDNS, DKIM, and DMARC help a receiving email server determine that the email it receives really does come from an email server in your control.

If a receiving server cannot validate the source of your email, the receiving server is likely to conclude that your email has been sent from a spammer, in which case the email will be dropped. Your server can implement some tools, but your domain name has to be configured to co-ordinate with your server too.

2. Scenario

This example assumes that a web site owner uses Microsoft 365 for email and the domain name which governs the web site and email is managed at a registrar like GoDaddy where the authoritative zone record is held. In reality, the registrar might be different. For instance, the domain name might be managed at Cloudflare or even Microsoft 365 itself.

The important point is to understand where your authoritative zone record is managed. the web server will have a zone record. However, if the domain name is regitered at a regisrar like Tucows and the domain name uses Tucow’s nameservers, then the authoritative nameserver for your domain is at Tucows.

This workflow assumes:

Your website is hosted on at IP address 88.202.183.10
The domain’s authoritative DNS is managed at a registrar like GoDaddy
Email for the domain (e.g., yourdomain.co.uk) is handled by Microsoft 365
You want your contact forms to send email from the domain (e.g., info@yourdomain.co.uk) using your web server’s mail system

This assumes that you already have a valid email address called info@yourdomain.co.uk. Also, this assumes that DKIM and DMARC are already configured for Microsoft 365. Microsoft organises its DKIM records using CNAME records – this means that Microsoft can handle DKIM identifiers in-house.

This is useful because most other entities use an A record which means multiple there would be multiple DKIM records in your authoritative zone. This is possible, but it might affect reliability. So, if you already have DKIM records in your authoritative zone to cope with another email server, it might be worth considering options.

Preparation

Review the existing authoritative zone record to check for SPF, DKIM, and DMARC. You will need:

credentials for the domain name registrar control panel access
credentials for cPanel to edit and get records from your web server
credentials for any other services that might be implicated, like Microsoft 365
if DKIM is not already configured, refer to this guidance note
if DMARC is not already configured, refer to this guidance note

3. SPF (Sender Policy Framework)

SPF tells receiving email servers which IP addresses you have approved to send mail for your domain. Usually, this record is already posted in your zone record. In the example below, the record is only configured to recognize Microsoft 365:

v=spf1 include:spf.protection.outlook.com -all

So, now we need to include your web server’s IP address to verify that your web server is a valid email server too.

What to do:

Log into the DNS editor where your domain name is managed (e.g. GoDaddy)
Find your existing SPF TXT record (it starts with v=spf1).
Add your server’s IP: ip4:88.202.183.10 before the -all.

Example:

v=spf1 include:spf.protection.outlook.com ip4:88.202.183.10 -all

The syntax is not absolute. For instance, the following record also works:

v=spf1 ip4:88.202.183.10 include:spf.protection.outlook.com -all

Adding your web server’s IP address to the SPF record authenticates both Microsoft 365 and your web server as valid mail servers for your domain.

4. rDNS (Reverse DNS / PTR Record)

Unless you rely on exceptional settings, you do not need to do anything about rDNS. A PTR record is already established in the reverse zone for our servers. This means that the IP address for your server is already mapped to your hostname.

A PTR record can only be created where a reverse zone is accessible. Usually, this means having to post a support ticket at your domain registrar, or asking the owner of the IP address you have been granted to map the setting for you.

5. DKIM (DomainKeys Identified Mail)

DKIM adds a digital signature to your emails.

Usually, DKIM is established with an A record. Microsoft 365 already uses DKIM via CNAME records. This is convenient. Other registrars might already require an A record that you rely on. It is possible to have multiple A records establishing DKIM records for different servers. This might cause some reliability issues though. So, you might need to monitor traffic flow after making this kind of change. In any event, your web server needs its own DKIM setup if it sends mail too.

What to do in cPanel:

Log into cPanel
Go to Email > Email Deliverability
Click open <Manage>
Do not enable DKIM. Instead:
Copy the TXT Name and Value fields shown for DKIM
Add this TXT record to your DNS at GoDaddy

This allows receiving servers to verify that your server’s emails are legitimate.

6. DMARC (Domain-based Message Authentication, Reporting & Conformance)

DMARC tells receiving servers how to handle emails that fail SPF or DKIM checks. settings. This may already be established in your authoritative zone and that record would already be valid as long as:

your SPF record already includes for your web server’s IP address
or DKIM passes for your server (if you set it up)

Example

You can use the values suggested in cPanel > Email > Email Deliverability to create a DMARC record. DMARC uses an industry defined instruction set which is universally adhered to. For now, it is probably only necessary to operate DMARC in “test” mode. However, some services like Microsoft 365 may be sensitive (especially to “contact form” mail and require an elevated metric like p=quarantine.

Name: _dmarc.domainname.co.uk

Value: v=DMARC1; p=quarantine; rua=mailto:your-alias@domainname.co.uk

The three incremental states for DMARC are:

p=none
p=quarantine
p=reject

8. cPanel Mail Routing

Lastly, check that your server expects email to be managed externally. As the records above are being added to your authotitative zone, cPanel will often detect that external email servers are now in use. However, you need to check this setting.

What to do:

log into cPanel > Email > Email Routing
check <Remote Mail Exchanger> if it is not already enabled
save the setting

This ensures your server sends contact form emails to Microsoft 365 instead of trying to deliver them locally.

Testing and Summary

After updating your DNS:

Use MXToolbox to check SPF, DKIM, and DMARC
Send test emails from your contact form to Gmail or Outlook and inspect the headers
Look for spf=pass, dkim=pass, and dmarc=pass

Summary

By configuring SPF, rDNS, DKIM, and DMARC correctly, your contact forms can send email reliably—even when Microsoft 365 or other suppliers handle your domain’s email. This setup helps prevent your messages from being flagged as spam and protects a client’s domain reputation and brand intact.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including web design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Free AI website design

by Steve Galloway | Jul 14, 2025 | Articles and help

Sitejet - free AI website design generator

Your web hosting account includes free access to Sitejet AI website design generator. Sitejet builds fully functioning websites with as little as your trading name, business sector, and a few other details. Sitejet includes a website design editor so that you or your website designer can customize website elements and introduce special effects.

Sitejet usually costs from $15/mo as a standalone service at time of writing. We are now providing this feature in your cPanel dashboard as standard at no additionalt startup or ongoing cost.

Click on the headers below to find more about Sitejet. Click on images to view at full-sized resolution.

What does Sitejet do?

Sitejet AI is an innovative DIY website builder. By providing your company name, business type, and a few other details, Sitejet AI can generate a professional website that reflects your brand and services using professionally authored website templates. Finshed websites are “mobile responsive”, which means that website content is optimized for PC, laptops, and mobile devices. The process can take seconds to execute.

AI generated website design lowers cost barriers

Sitejet is perfect for business owners who:

do not have IT expertise
who want to establish an online presence
who need to minimize cost
who optionally want a proof-of-concept to minimize conventional development costs

At time of writing, Sitejet Studio costs from $15/mo as a standalone product. As a cPanel user, we are including this utility as standard in your web hosting dashboard for no charge

Sitejet includes Ecwid Shopping Cart. Note that this feature is subject to subscription for more than 5 product listings.

In addition to a customizable template library (about 150 mobile-responsive templates at time of writing), Sitejet includes:

AI text generation and image/video galleries
no-code drag and drop editor for layout editing
AI co-ordinationwith business logos, and
SEO meta and content optimization
SEO reporting/metrics by Xovi Now

Save on Conventional Designer Costs

Hiring a professional web designer can be expensive. With Sitejet AI, you can bypass these costs and still achieve a high-quality website. The AI generator handles the heavy lifting, creating a site that is both functional and visually appealing. This means you can allocate your budget to other important areas of your business.

AI can make big inroads on web design costs. However, templates are often a “proof of concept” and in our experience users tend to want some kind of customization. Sitejet provides a dashboard for dealinng images, fonts, colour themes, and more. Read the next section to understand how you can use Sitejet AI templates to set the scene for your web designer to customize features.

Demonstrate Your Vision to Website Designers

Templates never quite get it right. This is why big business relies on professional help to achieve visual improvements and SEO optimization. So, AI website generation is not a replacement for professional website design at all. Instead, it works bes as a tool to help your website designer target qualitative improvements at a significant savings to you.

If you plan to hire a web designer for more detailed and customized effects, Sitejet AI can be incredibly useful. By generating a basic website as a “proof of concept”, you can clearly demonstrate your vision and requirements for quotations or tender. This saves time and also ensures that the final product better aligns with your expectations.

Summary

Sitejet provides you with no-code drag and drop editor to build your website from the ground up. Use it to design your own website or as a proof of concept to better equip your design team to achieve better results.

Sitejet usually costs about £150+ per annum, so this addition to your cPanel dashboard already brings enormous value to bear, compared to conventional design costs.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including web design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.