The Red Sift Blog

Microsoft announces new email requirements for bulk senders
Microsoft has officially announced new authentication requirements for bulk email senders—referred to as ‘high volume senders’ in their documentation—aligning with the policies rolled out in 2024 by Google and Yahoo. These changes aim to improve email security and deliverability for Outlook.com users, covering domains like outlook.com, hotmail.com, and live.com. The update marks a significant shift...Continue Reading: Microsoft announces new email requirements for bulk senders

All blogs

News

Microsoft announces new email requirements for bulk senders

Red Sift

Microsoft has officially announced new authentication requirements for bulk email senders—referred to as ‘high volume senders’ in their documentation—aligning with the policies rolled out in 2024 by Google and Yahoo. These changes aim to improve email security and deliverability for Outlook.com users, covering domains like outlook.com, hotmail.com, and live.com. The update marks a significant…

Read more
DMARC

From concept to market leader: Reflecting on the development of Red Sift…

Rahul Powar

Following Red Sift OnDMARC being featured in 18 reports in G2’s Spring 2025 Report, CEO Rahul Powar shares his thoughts on the innovation behind the product—and what’s driving its continued momentum in the fight against phishing and Business Email Compromise (BEC). When I founded Red Sift, my goal was to make proactive cybersecurity accessible…

Read more
DMARC

Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC

Faisal Misle

Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA). What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email…

Read more
News

Red Sift OnDMARC ranked #1 in EMEA and Europe for DMARC in…

Francesca Rünger-Field

G2’s Spring 2025 Report is here, and we’ve got some exciting news to share! Red Sift OnDMARC has been named the #1-rated DMARC solution in both EMEA and Europe, and that’s just the start. We also took the #1 spot in the Mid-Market Results Index and Mid-Market Usability Index, and were featured in 18…

Read more
DMARC

The Mail Check deadline has passed: Is your organisation at risk? 

Jack Lilley

The National Cyber Security Centre (NCSC) proposed changes to Mail Check services came into effect on 24 March 2025, including the ending of DMARC aggregate reporting. Organisations who are yet to comply must now seek an alternative provider or risk exposure to harmful cybersecurity incidents. This change comes as a measure to expand the…

Read more
Awards

Red Sift named a Top 50 company in 2025 Emerging Stars Awards

Jack Lilley

We’re pleased to share that Red Sift has been named Best Performing Company – Security & Infrastructure in the 2025 Emerging Stars Awards. These awards, part of the Megabuyte100 series, recognise the UK’s 50 best-performing scale-up technology companies based on solid financial performance, from over 800 entries.  Being recognised in this category reflects the…

Read more
DMARC

Mailgun and Red Sift partner to boost email programs with stronger authentication  

Rebecca Warren

Senders know that email is a critical channel for driving customer engagement and establishing trust, yet deliverability and security issues can disrupt email programs. Mailgun, a leader in cloud-based email delivery, is providing free DMARC reporting for all Mailgun senders courtesy of Red Sift OnDMARC. This integration brings senders complete visibility into authentication results…

Read more
DMARC

Over 60% of healthcare organizations remain unprotected against data breaches

Sean Costigan

Introduction Red Sift’s analysis of healthcare organizations that reported large breaches to the Department of Health & Human Services (HHS) in 2023-2024 uncovered a troubling trend: post-breach, 61% remain unprotected against phishing and domain spoofing due to weak or nonexistent DMARC policies. DMARC (Domain-based Message Authentication, Reporting & Conformance) is a widely recognized security…

Read more
Awards

Red Sift wins 2025 Cybersecurity Excellence Award for OnDMARC

Jack Lilley

Executive Summary: Red Sift OnDMARC has been recognized with the 2025 Cybersecurity Excellence Award for its advanced email security solutions. By leveraging AI-powered tools like Red Sift Radar for security issues and Dynamic DNS Guardian for real-time monitoring, OnDMARC provides businesses with robust protection against phishing, spoofing, and business email compromise (BEC).  Key takeaways:…

Read more
Product Release

Red Sift’s Winter ‘24/’25 Quarterly Product Release

Francesca Rünger-Field

This quarter, we’re making security faster, smarter, and more proactive with updates that improve threat detection, reduce manual work, and prevent threats before they escalate. Highlights include: Brand Trust  Executive Impersonation: Detect unauthorized use of leadership identities By uploading and managing executive images in Brand Trust, security teams can detect and monitor unauthorized use…

Read more
AI

Enhanced logo detection with AI: A hybrid approach

Phong Nguyen

Executive Summary: Accurate logo detection is essential for protecting brands against misuse and fraudulent activities. Red Sift’s hybrid AI approach enhances detection precision, effectively balancing the reduction of false positives with the identification of genuine threats. This article: Introduction Logo detection is crucial for brand protection, helping identify logo misuse in lookalike domains and fraudulent…

Read more
DMARC

Prepare for the Mail Check deadline

Lewis Rogers

Executive Summary: The NCSC is updating its Mail Check services, discontinuing features like DMARC aggregate reporting to enhance accessibility and manage costs. Public sector organisations relying on these services should explore alternative DMARC reporting solutions to maintain email security.​ This article: Introduction The National Cyber Security Centre (NCSC) is modifying Mail Check services to discontinue…

Read more
Cybersecurity

Post-quantum cryptography for Internet and WebPKI: Where are we now and how…

Bhushan Lokhande

Executive Summary: Advancements in quantum computing threaten existing cryptographic protections. While CRQCs aren’t expected imminently, organizations must proactively transition to quantum-safe cryptography to secure future communications.​ This article: Introduction Recent advancements in quantum computing pose a substantial threat to the cryptographic algorithms that secure internet communications, particularly public key cryptography. As quantum computers evolve, they…

Read more
Cybersecurity

Collaborative cybersecurity: The building blocks to a safer internet

Rahul Powar

Ciaran Martin, former CEO of the UK National Cyber Security Centre, and Rahul Powar, CEO of Red Sift Executive Summary: As technology advances, so do associated risks. A conversation between industry leaders emphasizes that collaborative cybersecurity efforts are crucial to building a safer and more resilient internet. This article: Introduction The internet’s foundational promise is…

Read more
Cybersecurity

Securing crypto with Andrei Terentiev

Sean Costigan

Executive Summary: In an insightful discussion, Bitcoin.com’s CTO, Andrei Terentiev, delves into the challenges at the intersection of cryptocurrency and cybersecurity, offering strategies to protect digital assets in an ever-evolving landscape.​ This article: Introduction In a new episode of Resilience Rising, host Sean Costigan speaks to Andrei Terentiev, Chief Technology Officer (CTO) of Bitcoin.com. The…

Read more
DMARC

2.3 million organizations embrace DMARC compliance

Jack Lilley

Executive Summary: Over the past year, 2.3 million organizations have adopted DMARC, enhancing email security globally. This progress reflects a positive trend toward securing email ecosystems, with certain countries leading the charge.​ This article: Introduction It has been one year since Google and Yahoo implemented stricter requirements for bulk email senders. Eleven months ago, Red…

Read more
BIMI

VMC and CMC updates: 5 key takeaways

Jack Lilley

Executive Summary: Staying updated on VMCs and CMCs is crucial for organizations aiming to authenticate their logos and enhance brand trust in email communications. This article outlines five key changes in the latest security requirements.​ This article: Introduction Verified Mark Certificates (VMCs) and Common Mark Certificates (CMCs) continue to evolve, and staying up to date…

Read more
Certificates

Let’s Encrypt & Red Sift webinar recap: A new era for certificate…

Francesca Rünger-Field

Every day, businesses rely on TLS certificates to keep their digital operations secure. But when those certificates expire unexpectedly, the consequences can be severe—websites go down, critical services break, and customer trust is lost. Even as automation has made certificate issuance and renewal easier, it hasn’t eliminated the problem. Organizations still find themselves blindsided…

Read more
Cybersecurity

Moving cybersecurity upstream to achieve resilience

Sean Costigan

Executive Summary: Integrating cybersecurity measures from the outset of software development is essential. Experts agree that this proactive approach enhances organizational resilience against cyber threats.​ This article: Introduction The traditional approach to cybersecurity—often tacked on as an afterthought—needs a serious overhaul. This was the consensus in the recent MN-ISSA sponsored fireside chat titled “Moving Cybersecurity…

Read more
Certificates

Six-day certificates: Here’s what you need to know

Francesca Rünger-Field

In January 2025, Let’s Encrypt announced a major step forward in enhancing web security: the introduction of six-day certificates, also known as “short-lived” certificates. This initiative aligns with Let’s Encrypt’s commitment to strengthening the Public Key Infrastructure (PKI) ecosystem and is set to roll out for general availability by the end of 2025. Why…

Read more
News

Red Sift becomes the recommended certificate monitoring service of Let’s Encrypt

Rahul Powar

We’re thrilled to announce that Red Sift Certificates Lite has become the official recommended certificate expiration monitoring service of Let’s Encrypt, the world’s most widely used Certificate Authority. Red Sift Certificates Lite is a free service that allows users to track up to 250 certificates with email notifications 7 days ahead of expiry. It…

Read more