Building a safer email ecosystem with DMARC In our previous post, we described two techniques for authenticating an email sender: Sender Policy Framework (SPF), IETF RFC 7208, which verifies if the sending MTA is indeed authorized to send mail on behalf of a domain; and DomainKeys Identified Mail (DKIM), IETF RFC 6376, where a domain shows “ownership” of a mail […]
Recent reports on cyber-security threats in the healthcare sector by Verizon, Symantec and Ponemon consistently make several observations: Email-borne malware is on the rise, with such malware delivered via spam or phishing; Small-to-medium sized businesses (from all sectors) have the highest rate of email-delivered malware; Most breaches are caused by negligent employees or contractors. These […]
We have just completed a long series of articles discussing how attackers forge email messages and what technologies and techniques can be used to counter these attacks. See: Email Identity and Forged Email. In this post, we will discuss some best practices when using LuxSci to maximize your protection against forged email messages.
