Digital Ocean is a cloud services hosting company. They are used by many business to host, develop and deploy applications in the cloud.

Digital Ocean may show up as a sending service in your Authentication Reports. This may happen for one of the following reasons:

Suspicious email

Some organizations will see Digital Ocean show up in their Authentication Reports because they are either being spoofed - this is why getting to DMARC enforcement is important to our customers!  

Because of the way users deploy services or servers on Digital Ocean's IPs, they may not be setting up (and locking down) their services correctly. This can leave that service or server opened unintentionally to be leveraged as an open relay for unauthorized email. 

Some customers aren't sure if they're using Digital Ocean or not. Our recommendation for most of these users who are concerned about Digital Ocean showing up as a task or sender in their reports is to ignore that service.

Legitimate Usage

If you or your organization is hosting an application or emailing service on a Digital Ocean IP, you should configure that service, application or server to send in an aligned way. Your IT department or developers should add an appropriate PTR record to that IP or service as well.  Once this has been done, you can add that IP (or range of IPs) as a Netblock in your configuration, or as an external sending service.