Tech - URIports Blog

Tech

Microsoft is finally sending DMARC aggregate reports (...poorly)

Microsoft has started sending DMARC aggregate reports, but unfortunately they don't know how to format a proper email.

Tech

How to create a solid and secure Content Security Policy

This step-by-step guide will help you understand and set up a solid Content Security Policy for your website.

Tech

Why you need Network Error Logging (NEL)

By adding a NEL response header to your website, you’ll receive reports from your visitors’ browsers, allowing you to accurately measure performance characteristics that will help you improve your website.

Tech

Setting up OpenPGP Web Key Directory (WKD)

If you use OpenPGP to secure your email communication, you should consider publishing your public key using Web Key Directory. It's easier than you think.

Application Support

DMARC failure reports and GDPR

Unlike aggregate reports, DMARC failure reports contain personal data like email subject, sender address, recipient address, and sometimes even the original message body. What does this mean for GDPR compliance?

Tech

Document Policy: a new Permissions Policy extension

Sometimes your site has to rely on content from other sources. With Document Policies, you have more control over the embedded documents. Let’s have a quick look at this new Feature Policy extension.

Tech

DMARC reports IETF RFC compliance

After analyzing millions of DMARC reports, I came to the disappointing conclusion that only a fraction of them comply with the DMARC IETF RFC guidelines. Most of them lack mandatory elements or hold incorrect element values.

Tech

Email security explained

The most common mechanisms for securing email explained (SPF, DKIM, DMARC, ARC, DANE, MTA-STS, STARTTLS Everywhere, and TLS-RPT).

Tech

MTA-STS explained

Google announced that they made email more secure by adopting the new MTA-STS internet standard. But what is MTA-STS and how does it (sort of) improve email security