The Red Sift Blog
400,000 DMARC boost after Microsoft’s high-volume sender update
Filter all blogs
All blogs
400,000 DMARC boost after Microsoft’s high-volume sender update
Microsoft’s decision to join Google and Yahoo in enforcing stricter rules for high-volume senders has triggered an immediate response across the internet. In the last 30 days alone, 406,042 new domains have deployed Domain‑based Message Authentication, Reporting & Conformance (DMARC), pushing the global total to 10.9 million. While not all domains will be exclusive Outlook users,…
Read more
Red Sift partners with Gradian to strengthen email security through OnDMARC
Today Red Sift launches a new partnership with Gradian, a leading data protection provider, to offer its award-winning applications, including Red Sift OnDMARC, to new and existing customers. Established through Red Sift’s relationship with UK distributor E92plus, the two companies look to strengthen defences against phishing and Business Email Compromise (BEC) attacks. Allowing organisations…
Read more
DMARCbis: What are the changes and how to be ready
Executive Summary: DMARCbis, also known as DMARC 2.0, is the forthcoming update to the DMARC email authentication protocol, designed to address limitations and ambiguities in the original standard, with an expectation to be finalized and published in 2025. The update introduces clearer guidelines, a new method for determining organizational domains, and streamlined record management.…
Read more
TLS certificates are changing: What you need to know
Executive summary: TLS certificates are about to get significantly shorter-lived. Starting 15 March 2026, newly issued public-trust certificates will max out at 200 days—and just three years later, that lifespan drops to 47 days. Backed by Google, Apple, and Mozilla, this shift aims to make the web safer through fresher data, faster failover, and…
Read more
The hidden threat: How misconfigured DKIM enables replay attacks
Email authentication isn’t just an IT concern. It protects your brand and customers. A single misstep can let attackers spoof your domain, send phishing emails, and destroy customer trust. One of the most dangerous methods? The DKIM replay attack. In this post, we’ll break down how undersigned DKIM keys and related misconfigurations open your…
Read more
Why DMARC and BIMI are a business priority
Email threats aren’t slowing down, and neither should your authentication strategy. In our recent joint webinar with Marigold, “From DMARC to BIMI: Navigating the New Email Authorization Landscape,” we broke down what today’s evolving standards mean for both security and marketing teams—and how to take action now with our free Red Sift Investigate tool.…
Read more
Zoom stops zooming: Why active monitoring is essential
On April 16, 2025, Zoom experienced a significant global outage that disrupted video conferencing services and access to its website for thousands of users, as well as their corporate email for all their employees. It was quickly identified as a domain name registration status problem. Despite being a critical name for Zoom, somehow, the…
Read more
Why DMARC matters: Protect your organization from evolving phishing threats
Phishing campaigns continue to change. Attackers are adapting faster than traditional security tools, using more subtle methods to bypass filters and reach inboxes. The latest KnowBe 4 Phishing Threat Trends Report (2025) shows a steady increase in attacks that slip through email security platforms and a growing use of techniques that avoid detection, increasing…
Read more
Red Sift OnDMARC joins the Jisc Chest platform to strengthen email security…
With the National Cyber Security Centre’s (NCSC) Mail Check tool having retired its free DMARC reporting service in March 2025, education and research institutions across the UK are now facing a critical visibility gap when it comes to email-based threats. To help address this, Red Sift is now working with Jisc—the UK’s not-for-profit provider…
Read more
Microsoft announces new email requirements for bulk senders
Update: Includes a revision that Microsoft will now reject messages rather than moving to junk from large senders that don’t meet the sending requirements.. Everything else remains the same. When rejected, the following message will be sent instead “550; 5.7.515 Access denied, sending domain [SenderDomain] doesn’t meet the required authentication level.” This blog: Microsoft…
Read more
From concept to market leader: Reflecting on the development of Red Sift…
Following Red Sift OnDMARC being featured in 18 reports in G2’s Spring 2025 Report, CEO Rahul Powar shares his thoughts on the innovation behind the product—and what’s driving its continued momentum in the fight against phishing and Business Email Compromise (BEC). When I founded Red Sift, my goal was to make proactive cybersecurity accessible…
Read more
Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC
Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA). What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email…
Read more
Red Sift OnDMARC ranked #1 in EMEA and Europe for DMARC in…
G2’s Spring 2025 Report is here, and we’ve got some exciting news to share! Red Sift OnDMARC has been named the #1-rated DMARC solution in both EMEA and Europe, and that’s just the start. We also took the #1 spot in the Mid-Market Results Index and Mid-Market Usability Index, and were featured in 18…
Read more
The Mail Check deadline has passed: Is your organisation at risk?
The National Cyber Security Centre (NCSC) proposed changes to Mail Check services came into effect on 24 March 2025, including the ending of DMARC aggregate reporting. Organisations who are yet to comply must now seek an alternative provider or risk exposure to harmful cybersecurity incidents. This change comes as a measure to expand the…
Read more
Red Sift named a Top 50 company in 2025 Emerging Stars Awards
We’re pleased to share that Red Sift has been named Best Performing Company – Security & Infrastructure in the 2025 Emerging Stars Awards. These awards, part of the Megabuyte100 series, recognise the UK’s 50 best-performing scale-up technology companies based on solid financial performance, from over 800 entries. Being recognised in this category reflects the…
Read more
Mailgun and Red Sift partner to boost email programs with stronger authentication
Senders know that email is a critical channel for driving customer engagement and establishing trust, yet deliverability and security issues can disrupt email programs. Mailgun, a leader in cloud-based email delivery, is providing free DMARC reporting for all Mailgun senders courtesy of Red Sift OnDMARC. This integration brings senders complete visibility into authentication results…
Read more
Over 60% of healthcare organizations remain unprotected against data breaches
Introduction Red Sift’s analysis of healthcare organizations that reported large breaches to the Department of Health & Human Services (HHS) in 2023-2024 uncovered a troubling trend: post-breach, 61% remain unprotected against phishing and domain spoofing due to weak or nonexistent DMARC policies. DMARC (Domain-based Message Authentication, Reporting & Conformance) is a widely recognized security…
Read more
Red Sift wins 2025 Cybersecurity Excellence Award for OnDMARC
Executive Summary: Red Sift OnDMARC has been recognized with the 2025 Cybersecurity Excellence Award for its advanced email security solutions. By leveraging AI-powered tools like Red Sift Radar for security issues and Dynamic DNS Guardian for real-time monitoring, OnDMARC provides businesses with robust protection against phishing, spoofing, and business email compromise (BEC). Key takeaways:…
Read more
Red Sift’s Winter ‘24/’25 Quarterly Product Release
This quarter, we’re making security faster, smarter, and more proactive with updates that improve threat detection, reduce manual work, and prevent threats before they escalate. Highlights include: Brand Trust Executive Impersonation: Detect unauthorized use of leadership identities By uploading and managing executive images in Brand Trust, security teams can detect and monitor unauthorized use…
Read more
Enhanced logo detection with AI: A hybrid approach
Executive Summary: Accurate logo detection is essential for protecting brands against misuse and fraudulent activities. Red Sift’s hybrid AI approach enhances detection precision, effectively balancing the reduction of false positives with the identification of genuine threats. This article: Introduction Logo detection is crucial for brand protection, helping identify logo misuse in lookalike domains and fraudulent…
Read more
Prepare for the Mail Check deadline
Executive Summary: The NCSC is updating its Mail Check services, discontinuing features like DMARC aggregate reporting to enhance accessibility and manage costs. Public sector organisations relying on these services should explore alternative DMARC reporting solutions to maintain email security. This article: Introduction The National Cyber Security Centre (NCSC) is modifying Mail Check services to discontinue…
Read more