Tech - URIports Blog

Hosted MTA-STS by URIports

Publish an MTA-STS policy by adding just two CNAME records to your domain's DNS. URIports will publish an RFC-compliant MTA-STS policy using the latest best practices and periodically validate your policy and email setup.

Tech

Introduction to SPF, DKIM, and DMARC

For those of you that are new to the email security subject, you've probably heard about SPF, DKIM, and DMARC. But what are they, and how do they relate to each other? Like regular postal mail, someone could send you a letter in an envelope and forge the sender's name

Tech

Why use URIports for your DMARC monitoring?

DMARC, SPF, and DKIM have been around for more than eight years now. Every day, more domains adopt this mechanism to increase email deliverability and protect against email spoofing and phishing attacks. The "R" in DMARC stands for Reporting, and it is one of the great features of DMARC. Email

Tech

Microsoft is finally sending DMARC aggregate reports (...poorly)

Microsoft has started sending DMARC aggregate reports, but unfortunately they don't know how to format a proper email.

Tech

How to create a solid and secure Content Security Policy

This step-by-step guide will help you understand and set up a solid Content Security Policy for your website.

Tech

Why you need Network Error Logging (NEL)

By adding a NEL response header to your website, you’ll receive reports from your visitors’ browsers, allowing you to accurately measure performance characteristics that will help you improve your website.

Tech

Setting up OpenPGP Web Key Directory (WKD)

If you use OpenPGP to secure your email communication, you should consider publishing your public key using Web Key Directory. It's easier than you think.

Application Support

DMARC failure reports and GDPR

Unlike aggregate reports, DMARC failure reports contain personal data like email subject, sender address, recipient address, and sometimes even the original message body. What does this mean for GDPR compliance?

Tech

Document Policy: a new Permissions Policy extension

Sometimes your site has to rely on content from other sources. With Document Policies, you have more control over the embedded documents. Let’s have a quick look at this new Feature Policy extension.

Tech

DMARC reports IETF RFC compliance

After analyzing millions of DMARC reports, I came to the disappointing conclusion that only a fraction of them comply with the DMARC IETF RFC guidelines. Most of them lack mandatory elements or hold incorrect element values.

Tech

Email security explained

The most common mechanisms for securing email explained (SPF, DKIM, DMARC, ARC, DANE, MTA-STS, STARTTLS Everywhere, and TLS-RPT).

Tech

MTA-STS explained

Google announced that they made email more secure by adopting the new MTA-STS internet standard. But what is MTA-STS and how does it (sort of) improve email security