Tech Security.txt Adoption and Frequent Implementation Mistakes In April 2022, an effort was made to enhance cybersecurity by introducing RFC9116. This standard introduces a well-organized file format, simplifying security vulnerability reporting by placing a text file in the /.well-known/ folder of a domain. The goal? To tackle a pervasive issue: the difficulty security researchers face in finding
Tech SPF Macros: Overcoming the 10 DNS Lookup Limit If your domain relies heavily on third-party services to send emails on its behalf, you could encounter the DNS lookup limit outlined in section 4.6.4 of RFC7208, resulting in an SPF permerror. Without a correct DKIM configuration, emails may not pass DMARC checks, potentially leading to blocking or
Tech DKIM Ed25519-SHA256 adoption In this blog, we will delve into the significance of these RFCs, their recommendations, and the current state of email providers' support for Ed25519-SHA256.
Tech The Ultimate SPF / DKIM / DMARC Best Practices 2024 Reduce spoofing and phishing, build and maintain a solid reputation, and increase email deliverability with SPF, DKIM, and DMARC.
Tech The end of Expect-CT With the release of the latest Google Chrome browser (105) at the end of August 2022, the Expect-CT header has officially been deprecated and will be removed in version 107.
Tech Eight years of Sender Policy Framework (SPF) Sender Policy Framework (SPF) is used to authenticate senders of email. Receiving servers use SPF to verify if the message source IP is authorized to send on behalf of the HELO or MAIL FROM domain. History The first draft [https://datatracker.ietf.org/doc/html/draft-schlitt-spf-classic-00] of the Sender Policy
Tech Hosted MTA-STS by URIports Publish an MTA-STS policy by adding just two CNAME records to your domain's DNS. URIports will publish an RFC-compliant MTA-STS policy using the latest best practices and periodically validate your policy and email setup.
Tech Introduction to SPF, DKIM, and DMARC For those of you that are new to the email security subject, you've probably heard about SPF, DKIM, and DMARC. But what are they, and how do they relate to each other? Like regular postal mail, someone could send you a letter in an envelope and forge the
Tech Why use URIports for your DMARC monitoring? DMARC, SPF, and DKIM have been around for more than eight years now. Every day, more domains adopt this mechanism to increase email deliverability and protect against email spoofing and phishing attacks. The "R" in DMARC stands for Reporting, and it is one of the great features of
Tech Microsoft is finally sending DMARC aggregate reports (...poorly) Microsoft has started sending DMARC aggregate reports, but unfortunately they don't know how to format a proper email.
Tech How to create a solid and secure Content Security Policy This step-by-step guide will help you understand and set up a solid Content Security Policy for your website.
Tech Why you need Network Error Logging (NEL) By adding a NEL response header to your website, you’ll receive reports from your visitors’ browsers, allowing you to accurately measure performance characteristics that will help you improve your website.
Tech Setting up OpenPGP Web Key Directory (WKD) If you use OpenPGP to secure your email communication, you should consider publishing your public key using Web Key Directory. It's easier than you think.
Application Support DMARC failure reports and GDPR Unlike aggregate reports, DMARC failure reports contain personal data like email subject, sender address, recipient address, and sometimes even the original message body. What does this mean for GDPR compliance?
Tech Document Policy: a new Permissions Policy extension Sometimes your site has to rely on content from other sources. With Document Policies, you have more control over the embedded documents. Let’s have a quick look at this new Feature Policy extension.
Tech DMARC reports IETF RFC compliance After analyzing millions of DMARC reports, I came to the disappointing conclusion that only a fraction of them comply with the DMARC IETF RFC guidelines. Most of them lack mandatory elements or hold incorrect element values.
Tech Email security explained The most common mechanisms for securing email explained (SPF, DKIM, DMARC, ARC, DANE, MTA-STS, STARTTLS Everywhere, and TLS-RPT).
Tech Featured MTA-STS explained Google announced that they made email more secure by adopting the new MTA-STS internet standard. But what is MTA-STS and how does it (sort of) improve email security
