URIports Blog (Page 2)

Hosted MTA-STS by URIports

Hosted MTA-STS by URIports

Publish an MTA-STS policy by adding just two CNAME records to your domain's DNS. URIports will publish an RFC-compliant MTA-STS policy using the latest best practices and periodically validate your policy and email setup.

Introduction to SPF, DKIM, and DMARC

Introduction to SPF, DKIM, and DMARC

For those of you that are new to the email security subject, you've probably heard about SPF, DKIM, and DMARC. But what are they, and how do they relate to each other? Prefer listening over reading? Check out our podcast that breaks down everything you need to know

Reporting API v1 is here!

Reporting API v1 is here!

A new version of the Reporting API [https://web.dev/reporting-api/] has been released that hopefully will get supported across more browsers. The legacy Reporting API (v0) is currently only supported by Chrome and Edge browsers. If you have already implemented the Reporting API v0, you can migrate to the

DMARC External Destinations verification

The aggregate (rua) and failure (ruf) report destinations can be specified within the domain's DMARC policy. And while it is possible to specify a destination on a different organizational domain, the receiving domain must expressly indicate that reports for other domains are welcome. The absence of this record

Why use URIports for your DMARC monitoring?

Why use URIports for your DMARC monitoring?

DMARC, SPF, and DKIM have been around for more than eight years now. Every day, more domains adopt this mechanism to increase email deliverability and protect against email spoofing and phishing attacks. The "R" in DMARC stands for Reporting, and it is one of the great features of

Single Sign-On (SSO)

URIports supports Single Sign-On (SSO) using OpenID Connect (OIDC) for Mountain and Himalaya subscriptions. SSO speeds up access to your account by allowing you to log in with your existing company or Identity-As-A-Service (IDaaS) credentials, meaning fewer passwords to keep track of and easy user management. We've written

SSO OIDC Quick guide Okta

Below are screenshots to illustrate the steps required to connect URIports to Okta for the purpose of enabling Single Sign-On through OpenID Connect (OIDC). 6. Paste the Redirect URI from URIports here 7. Select which users should have access to URIports 9. Copy the Client ID and save this value

SSO OIDC Quick guide Azure Active Directory (Entra ID)

Below are screenshots to illustrate the steps required to connect URIports to Azure Active Directory (Entra ID) for the purpose of enabling Single Sign-On through OpenID Connect (OIDC). 4. Select which users should have access to URIports 5. Paste the Redirect URI from URIports here 7. Copy the Client ID

SSO OIDC Quick guide OneLogin

Below are screenshots to illustrate the steps required to connect URIports to OneLogin for the purpose of enabling Single Sign-On through OpenID Connect (OIDC). 5. Paste the Redirect URI from URIports here 10. Copy the Client ID and save this value in URIports 12. Copy the Client Secret and save

SSO OIDC Quick guide SalesForce

Below are screenshots to illustrate the steps required to connect URIports to SalesForce for the purpose of enabling Single Sign-On through OpenID Connect (OIDC). 8. Paste the Redirect URI from URIports here 13. Copy the Consumer Key and save this value in URIports as Client ID 14. Reveal the Consumer

SSO OIDC Quick guide Ping Identity

Below are screenshots to illustrate the steps required to connect URIports to Ping Identity for the purpose of enabling Single Sign-On through OpenID Connect (OIDC). 8. Paste the Redirect URI from URIports here 16. Copy the ISSUER and save this value in URIports as the Application URL 17. Copy the

SSO OIDC Quick guide Google Workspace

Below are screenshots to illustrate the steps required to connect URIports to Google Workspace (formerly known as G Suite) for the purpose of enabling Single Sign-On through OpenID Connect (OIDC). The Google Workspace Application URL is https://accounts.google.com. Go to the Google Cloud Platform [https://console.cloud.google.

Instant DMARC reports

Instant DMARC reports

Why wait 24 hours? Instant DMARC reports allow you to view your SPF and DKIM performance in seconds.

Microsoft is finally sending DMARC aggregate reports (...poorly)

Microsoft is finally sending DMARC aggregate reports (...poorly)

Microsoft has started sending DMARC aggregate reports, but unfortunately they don't know how to format a proper email.

DMARC aggregate reports explained

DMARC aggregate reports explained

DMARC reports are a powerful tool for detecting issues with your DKIM and SPF setup. Let me guide you through the most common DMARC report types and dive into the details of some of ours to help you better understand your own.

Two-factor authentication for your URIports account

Application Support

Two-factor authentication for your URIports account

Enabling two-factor authentication will better secure your account.

Restore 2FA for URIports

Application Support

Restore 2FA for URIports

Unable to access your authenticator app and can’t log in to your URIports account? Here's a super easy fix.

Easy fix for: '[Intervention] Ignored attempt to cancel a touchmove event with cancelable=false'

Easy fix for: '[Intervention] Ignored attempt to cancel a touchmove event with cancelable=false'

In this short blog, I explain what’s causing this error and how you can easily fix it.

How to create a solid and secure Content Security Policy

How to create a solid and secure Content Security Policy

This step-by-step guide will help you understand and set up a solid Content Security Policy for your website.

Why you need Network Error Logging (NEL)

Why you need Network Error Logging (NEL)

By adding a NEL response header to your website, you’ll receive reports from your visitors’ browsers, allowing you to accurately measure performance characteristics that will help you improve your website.

Setting up OpenPGP Web Key Directory (WKD)

Setting up OpenPGP Web Key Directory (WKD)

If you use OpenPGP to secure your email communication, you should consider publishing your public key using Web Key Directory. It's easier than you think.

DMARC failure reports and GDPR

Application Support

DMARC failure reports and GDPR

Unlike aggregate reports, DMARC failure reports contain personal data like email subject, sender address, recipient address, and sometimes even the original message body. What does this mean for GDPR compliance?

Document Policy: a new Permissions Policy extension

Document Policy: a new Permissions Policy extension

Sometimes your site has to rely on content from other sources. With Document Policies, you have more control over the embedded documents. Let’s have a quick look at this new Feature Policy extension.

The Beginner's Guide to DMARC with URIports

Application Support

The Beginner's Guide to DMARC with URIports

As soon as SPF, DKIM, and DMARC policies are set up, reports will start to appear in your URIports account. I'm going to explain the different report elements, what they mean, and what to do with them.

DMARC reports IETF RFC compliance

DMARC reports IETF RFC compliance

After analyzing millions of DMARC reports, I came to the disappointing conclusion that only a fraction of them comply with the DMARC IETF RFC guidelines. Most of them lack mandatory elements or hold incorrect element values.