For #email configuration and #security check, the European Commission provides a great tool: MECSA https://mecsa.jrc.ec.europa.eu/en/
conclusion: I still have some improvements to implement on my own server
#sysadmin #linux #postfix #DKIM #DMARC #DNSSEC #selfhosting

Hey everyone! Big news: the PCI DSS 4.0 deadline is coming up fast! This time, DMARC is becoming mandatory for *anyone* handling credit card data. I know, it sounds like a pain, but trust me, it's *super* important. Phishing is still a massive threat, unfortunately.

So, what's the deal with DMARC? Think of it as a bouncer for your inbox. It helps block those sneaky, fake emails. Seriously, without DMARC, your company's basically an open invitation for cybercriminals.

A lot of folks are probably thinking, "Nah, doesn't apply to me." Nope! Even small businesses *have* to implement DMARC. It's a must-do!

Now, I'm curious: Do you guys already have DMARC set up? And if you do, what tools are you using? Let's share some insights!

Cours #SPF / #DKIM / #DMARC. Je leur raconte quoi de joli ?

Claudia Plattner, President of German BSI, has just been featured in an article on email security in eco's dotmagazine. It's a wake up call and invitation to enhance email security in a joined effort

I like it

https://www.dotmagazine.online/issues/digital-security-trust-consumer-protection/enhancing-email-security

#SPF #DKIM #DMARC #DANE #TLSA #MTASTS #TLSRPT #Mailsecurity #TeamBSI @bsi

My emails are often flagged as 'spam' for my recipients, notably on mailing lists. I've set everything up hopefully correctly (DKIM, DMARC, etc.) and I score 10/10 at https://www.mail-tester.com/ . I don't appear to be on any block list, and I own my domain (goffi.org) for over 20 years.

Any ideas what the problem might be?

Let’s not.

#DMARC adds value to email for very few entities and adds yet another way for email to break, if you let it. One of the hottest threads on the MailOp list right now is in regard to Mimecast mishandling mail in a way that breaks mail signatures, dependent on the encoding a MUA chooses for a message.

I have spent many hours debugging other people’s DMARC deployments. These are rarely billable hours and are deeply tedious. https://ioc.exchange/@percepticon/113347954887616002

The Internet Security Days 2024 marked the starting point for a new effort by eco and @bsi to raise adoption of modern email security standards across Germany and worldwide. I'm honored that I was allowed to shape some of the contents of this great event and mailsecurity is finally getting the attention it deserves

https://international.eco.de/news/internet-security-days-2024-it-security-for-email-ai-and-nis2/

Formation Sécuriser son courrier électronique grâce au DNS avec DKIM, DMARC, SPF les 10 et 11 octobre ou 5 et 6 décembre 2024.

Programme complet et inscriptions sur https://www.afnic.fr/produits-services/formations/dkim-dmarc-spf-securiser-son-courrier-electronique-grace-au-dns/

#MalwareBytes, an #infosec company, has allowed their #DMARC aggregate reports mailbox to fill multiple times in the years I've been interacting with them.
Reliable processes are a foundational requirement of successful #cybersecurity.
Reliable monitoring is also a foundational requirement.
Ensuring your organization doesn't make the same mistake multiple times? Also foundational.
I don't trust MalwareBytes, and you probably shouldn't either.

Fucking #Comcast is (again) bouncing emails from my family mail server with no explanation of why or what to do about it. Just "554 server not available".
There is no legitimate reason to bounce emails from my server. I do _everything_ correctly (incl. #DKIM and p=reject #DMARC) and my server has been in continuous operation for over a decade.
Comcast is the worst, but, they're not the only one pulling this crap.
Yet another domain I have to route through #MailGun. *sigh*
#smtp #sysadmin

Shout out to @mwl and his latest (digital presale) release, Run Your Own Mail Server (#RYOMS). Going to start reading it here shortly!

I have been an early adopter and mostly self-taught with #dmarc, so I've been looking forward to this release.

Michael has been a remarkable author of tech / security books over the years, in my humble opinion. I've learned a lot, and greatly appreciate the library of books I have of his

Lastly, his fiction work is quite entertaining as well!

Burde ikke #Vy legge lista litt høyere for vy.no-avsender for kvitteringer o.l.?

https://internet.nl/mail/vy.no/1305185/

After developing a validator for BIMI (Brand Indicators for Message Identification), I analyzed the top 1 million domains to assess their BIMI setup. Over 43% of BIMI implementations have issues. Blog: https://www.uriports.com/blog/bimi/ #bimi #dmarc

Inwiefern ist DMARC und insbesondere sind dessen Report-Formate aggregate und forensic mit den Anforderungen der DSGVO vereinbar? Katharina Küchler (Anwältin, eco Verband) und ich (E-Mail Experte, Leiter Kompetenzgruppe E-Mail eco) sind dieser Frage im vollständig überarbeiteten Rechtsgutachten des #eco Verbandes nachgegangen.

Möge es für alle hier von Nutzen sein!

Deutsch:
https://www.eco.de/download/238585/

Englisch:
https://international.eco.de/download/238605