Email Security

11 articles about Email Security

DNS

NIST DNS update: What this means for your organization

Mar 25, 20265 min read

NIST SP 800-81 Revision 3 reframes DNS as an active security layer for the first time since 2013. Here's what changed and why it matters for DMARC, SPF, and DKIM.

Read moreEmail Security

Microsoft backs DMARC as protection against Tycoon 2FA phishing surge

Jan 8, 20266 min read

Attackers are using Tycoon 2FA kits to send phishing emails from misconfigured servers. Microsoft now recommends strict DMARC enforcement as the primary defense.

Read moreDMARC

What is DMARC and how does it work effectively?

Dec 10, 20258 min read

DMARC protects domains from unauthorized email by aligning SPF and DKIM results with the visible From address. This guide covers how it works and how to deploy it effectively.

Read moreEmail Security

IETF calls for end of ARC experiment: What it means for email authentication

Dec 3, 20256 min read

The IETF recommends marking ARC (Authenticated Received Chain) as obsolete after a 10-year experiment. This post explains the implications for email forwarding and authentication.

Read moreDNS

4 free tools for quick email security testing

Dec 1, 20254 min readJack Lilley

Four free tools from Red Sift to audit your email authentication in minutes: Investigate for DMARC, SPF Checker, BIMI Checker, and Blacklist Checker.

Read moreEmail Security

DMARC, DKIM, SPF & BIMI: 5-minute playbook for Security and Marketing

Dec 1, 20253 min read

A quick-reference playbook for security and marketing teams covering SPF, DKIM, DMARC, and BIMI — what each does, why all four matter, and how to implement them.

Read moreDMARC

SPF, DKIM, and DMARC: the three protocols protecting your inbox (and why you need all of them)

Dec 1, 20255 min read

SPF and DKIM alone can't prevent spoofing because they check different headers. This guide explains how DMARC ties them together to close the gap.

Read moreDMARC

How to simplify DMARC, SPF, and DKIM management

Dec 1, 20253 min read

Managing email authentication is complex — SPF lookup limits, DKIM key rotation, configuration drift. This post shows how OnDMARC simplifies the path to full enforcement.

Read moreEmail Security

Gmail's enforcement ramps up: What bulk senders need to know

Nov 14, 20254 min read

Gmail is now rejecting emails from bulk senders who lack SPF, DKIM, DMARC, and one-click unsubscribe. Here's what to fix before enforcement hits your deliverability.

Read moreEmail Security

What is email spoofing and how can you prevent it?

Nov 11, 20255 min read

Email spoofing exploits SMTP's lack of sender authentication to forge trusted addresses. This explainer covers how it works and how DMARC, SPF, and DKIM prevent it.

Read moreEmail Security

41% of top Fintech companies are vulnerable to email phishing

Nov 4, 20255 min read

Only 26% of leading Fintechs enforce DMARC at p=reject, leaving the majority exposed to spoofing and phishing attacks in a heavily targeted industry.

Read more