HackerTrans
トップ新着トレンドコメント過去質問紹介求人

freddieleeman

no profile record

投稿

[untitled]

1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

LearnDMARC now supports multiple DKIM signatures

1 ポイント·投稿者 freddieleeman·2 年前·1 コメント

Demystifying DMARC Alignment

uriports.com
1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

The SPF / DKIM / DMARC Best Practices 2024

uriports.com
2 ポイント·投稿者 freddieleeman·2 年前·0 コメント

Fix SPF 10 DNS lookup limit with SPF Macros

uriports.com
1 ポイント·投稿者 freddieleeman·2 年前·0 コメント

MTA-STS Adoption Among the Top 1M Domains in 2024

uriports.com
1 ポイント·投稿者 freddieleeman·2 年前·1 コメント

コメント

freddieleeman
·2 年前·議論
GoDaddy's DMARC reports are passing SPF even when the RFC5321.MailFrom and RFC5322.From domains aren't aligned.
freddieleeman
·2 年前·議論
Clickable link: https://learnDMARC.com
freddieleeman
·2 年前·議論
Just 0.3% of domains implemented an MTA-STS TXT record. 571 (19.5%) of these domains have implementation errors (see complete list below). Among the valid MTA-STS implementations, 54.3% publish an 'enforce' policy, while 45% have opted for a 'testing' policy. In summary, 1278 domains leverage MTA-STS to fortify their defenses against Man-in-the-Middle (MitM) downgrade attacks.
freddieleeman
·2 年前·議論
https://datatracker.ietf.org/doc/html/rfc7489#section-6.6.4

"If email is subject to the DMARC policy of "reject", the Mail Receiver SHOULD reject the message (see Section 10.3). If the email is not subject to the "reject" policy (due to the "pct" tag), the Mail Receiver SHOULD treat the email as though the "quarantine" policy applies. This behavior allows Domain Owners to experiment with progressively stronger policies without relaxing existing policy."
freddieleeman
·3 年前·議論
https://URIports.com/dmarc offers services starting at just $1 monthly for up to 3 domains. It's GDPR compliant and includes features like notifications, hosted MTA-STS for protection against Man-in-the-Middle (MiTM) downgrade attacks, and much more.
freddieleeman
·3 年前·議論
For those interested in testing their email for SPF, DKIM, and DMARC compliance or eager to learn about these mechanisms that enhance email security and prevent spoofing, check out https://learnDMARC.com. This is a site I developed to promote adoption and share knowledge. It includes a challenging quiz, tough even for professionals. I'd be keen to know your scores on the first attempt – honesty counts!
freddieleeman
·3 年前·議論
You will need Verified Mark Certificates (VMC's) issued by a Certificate Authority.
freddieleeman
·3 年前·議論
As DMARC relies on the RFC5322.From address, omitting it will lead to errors. To avoid these errors, emails lacking this address are currently being ignored.
freddieleeman
·3 年前·議論
Totally agree, this blog makes no sense at all.

"If a server isn't on the list, it's like an application being tossed out because it wasn't fully filled or the business idea is illegal."

Seriously, what?!

"DMARC establishes your policy as a sender for what should happen to your messages if they fail DKIM or SPF."

... only if they fail DKIM AND SPF (and alignment). The whole blog doesn't even talk about identifier alignment, which is a big part of DMARC.

Maybe an AI wrote the article and got stuck trying to use a weird analogy about a "competitive accelerator program" for email security? :)