Category: Email

DMARC

Mail Check: Navigating the new changes

Jack Lilley

Executive Summary: The NCSC’s upcoming changes to Mail Check services, including the discontinuation of DMARC aggregate reporting, necessitate that organisations find alternative solutions to maintain robust email security.​ This article: Introduction The National Cyber Security Centre (NCSC) recently proposed updates to its Mail Check coming into effect on 24 March 2025. As the service evolves…

Read more
DMARC

BreakSPF: How to mitigate the attack

Jack Lilley

Executive Summary: BreakSPF is an emerging threat that takes advantage of misconfigured SPF records, especially those with overly broad IP ranges. Attackers can exploit these vulnerabilities to send fraudulent emails that appear legitimate.Utilizing solutions like Red Sift OnDMARC can help organizations detect and correct these misconfigurations, enhancing their overall email security posture.​ This article: Introduction BreakSPF…

Read more
DMARC

Navigating G-Cloud 14 for DMARC solutions: A guide for former NCSC Mail…

Francesca Rünger-Field

With the NCSC discontinuing key features of its Mail Check service, including DMARC aggregate and TLS reporting, after March 2025, UK public sector organisations must prepare for this change by transitioning to alternative email security solutions. To support this shift, Red Sift is offering an extended free trial of its DMARC application, OnDMARC, providing…

Read more
DMARC

Beyond DMARC: How Red Sift OnDMARC supports comprehensive DNS hygiene

Faisal Misle

Registrable domains and DNS play a crucial role in establishing online identity and trust, but their importance is often taken for granted. During new service setups, record updates are often overlooked, accumulating outdated entries. As infrastructure teams become increasingly overstretched,  services may be incorrectly shut down without proper cleanup, leaving behind a sprawl of…

Read more
DKIM

First look at DKIM2: The next generation of DKIM

Faisal Misle

In 2011, the original DomainKeys Identified Mail (DKIM1) standard was published. It outlined a method allowing a domain to sign emails, enabling recipients to verify that the email originated from an entity holding a private key that matches the public key published in the domain’s DNS records. Now in 2024, DKIM is ready for…

Read more
Cybersecurity

Boosting email security amid recent Coinbase phishing attempts

Jack Lilley

In recent weeks, there have been reports of sophisticated phishing attacks disguised as official communication from the cryptocurrency platform, Coinbase. These phishing emails closely mimic Coinbase’s branding and language to build recipient trust and prompt clicks on malicious links. The subject lines of these emails generally follow a format: the sender’s address starts with…

Read more