The Sender Policy Framework (SPF) is a foundational email authentication technology. It enables a domain owner to specify, via a special DNS record, which hosts are authorized to send mail on behalf of their domain.
Continue reading Restored Article: SPF: The Foundation of Email Sender AuthenticationTag: dns
Email Signing and Verification with Amavisd-new and DKIM
I recently had a moment of “why did I do that?” when I temporarily disabled DKIM signing on my mail server. A quick email to a mailing list triggered a flood of DMARC authentication failure reports. It was a clear reminder that a surprising number of administrators have DMARC and DKIM reporting enabled.
Continue reading Email Signing and Verification with Amavisd-new and DKIMSecuring Email with MTA-STS and TLSRPT
What is MTA-STS (MTA Strict Transport Security)?
MTA-STS is a mechanism that enforces TLS encryption for your email communication. Think of it as HTTP Strict Transport Security (HSTS) for email. By instructing the sending mail server that a secure connection is mandatory, you can effectively mitigate or stop Man-in-the-Middle (MITM) attacks. The official abstract from the RFC puts it best:
Continue reading Securing Email with MTA-STS and TLSRPT