Outbound Email Security – Part 1 – SPF
September 4, 2015
Email, as a technology, has been around for longer than “The Web”. While one often hears about security for the web (in the form of encryption, tor, etc), rarely do people discuss email security. As with any technology there are many areas to “secure”, however this series will focus on outbound email security as it relates to anti-spam and anti-phishing. There are three key technologies in play, SPF, DKIM, and DMAC, so this will be a three part series. We’re going to be covering both the “How” (to set it up) along with the very important “Why” (you should set it up). Today we’re starting with Sender Policy Framework, or SPF.
Gmail thinks “This message may not have been sent by...” you
June 29, 2011
Yesterday, Google rolled out a new feature in Gmail which warns you when it isn’t sure who the email was sent by. This warning isn’t due to some confusion on the server side, this issue is because Google wants to force more people to use SPF records and DKIM signatures. Both of these are good technologies to use (I personally have them both enabled), but I worry about Google’s move to “force” this… and how it will effect users.