Clik here to view.
Podcast episode 5 – Email over IPv6
DescriptionThe world is moving to IPv6, and so is email. However, email specialists are not thrilled about the move because of the potential for abuse. If it’s hard enough to stop spam in IPv4 with its...
View ArticleClik here to view.
Solving the problem of DMARC’s incompatibility with mailing lists – Part 1
One of the problems that the email filtering community still hasn’t solved with regards to DMARC is how to deal with the problem of mailing lists.You know, mailing lists. Those are those things that...
View ArticleClik here to view.
Three options for solving the problem of DMARC’s incompatibility with mailing...
How can we solve the problem of mailing lists breaking DMARC?1. Don’t let anyone with a DMARC record of p=reject join the mailing list One solution is to moderate who joins the mailing list. Domains...
View ArticleClik here to view.
A fourth option for solving the problem of DMARC’s incompatibility with...
We’ve looked at three options for solving the problem of mailing lists who have problems delivering email for domains that publish p=reject. None of the solutions are great. What else is there?4. Play...
View ArticleClik here to view.
In Malaysia this upcoming July? Maybe check out the 5th Annual Cybersecurity...
I don’t talk about upcoming conferences that much on this blog, but this one I am doing by special request of one of my readers: The 5th Annual Cybersecurity for Government Summit 2015 behind held in...
View ArticleClik here to view.
What is the best combination for your SPF record, DKIM record, and DMARC record?
Sometimes [1] people ask me what the best combination of SPF record is if they publish a DMARC record and DKIM record? How should we best present spoofing using authentication records that we publish...
View ArticleClik here to view.
(Not) Using the Additional Spam Filtering option for SPF hard fail to block...
Recently, I’ve noticed that sometimes customers in Office 365 will login to the Exchange Admin Center, go to Protection –> Spam Filter –> Advanced Options and enable the Advanced Spam Filtering...
View ArticleClik here to view.
Analyzing the language of the Safe Links design of Advanced Threat Protection...
A couple of months ago, Office 365 released Advanced Threat Protection (ATP) for Exchange Online Protection. You can read more about that here:Exchange Online Advanced Threat Protection is now...
View ArticleClik here to view.
Combating spoofing
Three years ago, I wrote a blog post entitled Combating Phishing talking about what Exchange Online Protection (EOP) does to stop phishing messages [1].Last year, I wrote one of my most popular blog...
View ArticleClik here to view.
Manually hooking up DKIM signing in Office 365
This post contains instructions on how to manually enable signing DKIM on Office 365. Eventually, all the contents of this blog post will move to a TechNet article that has details about how to do it...
View ArticleClik here to view.
How Office 365 does automatic DKIM key rotation
As you can see from one of my other posts, Office 365 now lets you sign your outbound email with DKIM signatures.One of the key differences between how we do it and how almost every other service does...
View ArticleClik here to view.
How I personally use Outlook with Office 365
Sometimes people ask me how they should configure Outlook and Office 365 (Exchange Online Protection, or EOP) so they work together in the best way. This is tough for me to recommend because it depends...
View ArticleClik here to view.
DMARC one year later, and what have we learned?
It has been one year since I posted that Office 365 now supports inbound DMARC verification. What do we see in terms of how much mail it blocks in production?Well, we’ve learned a lot of things; some...
View ArticleClik here to view.
Exchange Online is rolling out default DKIM-signing to everyone
If you are a customer of Office 365 (Exchange Online Protection, or EOP), you may have noticed, or will be noticing, that we are adding DKIM signatures to your outgoing email, even if you haven’t...
View ArticleClik here to view.
The common types of spear phish we see today
As 2015 draws near to a close, I thought I’d write a blog post about the type of spear phishes we are seeing lately against our customer base. This is not general brand phish like someone spoofing...
View ArticleClik here to view.
Email authentication should work out of the box and we should not rely upon...
This is going to be a long post. Sorry. I didn’t have time to write a shorter one. Who should be responsible for setting up email authentication records?For years, I have been discussing the virtues of...
View ArticleClik here to view.
Office 365 is expanding its DKIM-signing to our consumer brands plus adding...
Here at Office365 and Hotmail/outlook.com, we are making some changes with regards to our DKIM-signing in both services. We believe in sender authentication, especially with regards to DKIM, and plan...
View ArticleClik here to view.
I don’t mean to name and shame, but I will
A few months ago, I made the mistake of signing up for a webcast that opted me in to getting continuous communicates from them about upcoming online seminars.I was getting tired of all of these invites...
View ArticleClik here to view.
Common errors in SPF records
The other day I was asked to come up with some common errors that we see when people set up SPF records as we want to start notifying our customers when they have these types of errors. I thought it...
View ArticleClik here to view.
How antispoofing protection works in Office 365
Exchange Online Protection (EOP), the email filtering component of Office 365, is rolling out, or has already rolled out, full antispoof protection for all of its customers. Most of our customers...
View Article