← Back to Case Studies
CASE STUDY #2

Sonitek

Securing DNS, Fortifying Deliverability & Defending Against Spam Attacks

100% DNS Record Alignment
Zero Email Downtime
Spam Attack Neutralized

Client Overview

Sonitek is a precision manufacturing company specializing in heat-staking, ultrasonic welders, and pneumatic presses. They combine engineering rigor with industrial scale operations. Because they handle orders, support, communications, and B2B outreach, email and DNS infrastructure are mission-critical to their operations.

The Problem

Sonitek came to us with a set of intertwined DNS, email, and infrastructure risks:

  • Their SPF / DKIM / DMARC records were misconfigured or inconsistent across their Microsoft 365 and eCommerce (BigCommerce) setup.
  • Their DNS was hosted on BigCommerce (with domain on GoDaddy), which led to fragility and complexity when migrating or altering records.
  • They were planning a move to Shopify or shifting DNS to GoDaddy, but lacked a safe migration plan.
  • They used RedSift for DMARC tracking, but weren't confident in its setup, reporting accuracy, or how to act on anomalies.
  • As work began, they were also hit by a spam bomb: thousands of malicious inbound emails per minute flooding their systems.

The challenge was twofold: stabilize the environment under attack, then rebuild defensive architecture and alignment so they could move domains, host safely, and trust their email channels again.

The Solution / Implementation

Here's what we delivered, with technical rigor and clarity:

DNS Audit & Cleanup

  • Reviewed current DNS zones, record types, TTLs, and delegation.
  • Unified and aligned SPF, DKIM, and DMARC records across all sending domains. Removed conflicting or legacy entries.
  • Hardened DNS hosting setup and prepared migration pathways (BigCommerce → GoDaddy / Shopify) with fallback plans.

Spam-Attack Mitigation & Layering

  • Deployed Proofpoint Essentials (or equivalent) as an inbound filtering layer to block malicious traffic.
  • Configured Microsoft 365 Defender rules, conditional access policies, and flow controls to shield internal systems.
  • Controlled email routing and throttling logic to prevent bounce loops or overloads under attack.

DMARC / Monitoring Enhancement

  • Validated RedSift setup, audited policy enforcement, and integrated feedback loops.
  • Introduced supplemental monitoring tools (MXToolbox, seed testing) to cross-check RedSift.
  • Built alerts and dashboards to flag authentication failures, misalignment, and deliverability regressions.

Migration Planning & Execution Support

  • Developed a safe cutover plan for DNS migration to GoDaddy / Shopify with zero-email downtime.
  • Staged the migration: test subdomain, switch TTLs, shadow records, rollback paths.
  • After migration, validated propagation, rechecked records, and verified email flow through test campaigns.

Ongoing Validation & Reporting

  • Instituted weekly deliverability scans.
  • Created dashboards showing SPF/DKIM/DMARC health, inbound spam trends, block/allow logs, and traffic anomalies.
  • Provided tactical recommendations: remove stale sending sources, harden list hygiene, review vendor DNS integrations.

The Outcome

After implementation:

  • DNS and sending domain alignment reached 100% compliance — no conflicting or missing records.
  • The spam bomb attack was neutralized within hours; legitimate traffic resumed smoothly.
  • Email deliverability stabilized with no blocks, dropped to single digits, and no false positives affecting users.
  • The migration path to Shopify / GoDaddy was validated; the client can shift DNS confidently anytime.
  • Sonitek now has full visibility into authentication health, threats, and delivery performance.
  • Their internal teams no longer fight daily DNS/email fires — they operate with confidence.
"John did an exceptional job helping me improve our email security and manage complex conditional access policies. He provided clear explanations, proactively identified potential issues, and quickly implemented effective solutions — significantly reducing spam while ensuring legitimate emails weren't blocked unnecessarily.

He was responsive, knowledgeable, and proactive in addressing problems. He consistently took initiative to troubleshoot, confirm configurations, and provide actionable recommendations, greatly enhancing our infrastructure's efficiency and security. Highly recommend." — Tom Bishop, Sonitek

Interested in improving your DNS & email security?

We'll help you fortify your infrastructure, align your authentication, and defend against threats.

Start a Conversation