email security

The hidden threat: How misconfigured DKIM enables replay attacks

Email authentication isn’t just an IT concern. It protects your brand and customers. A single misstep can let attackers spoof your domain, send phishing emails, and destroy customer trust. One of the most dangerous methods? The DKIM replay attack. In this post, we’ll break down how undersigned DKIM keys (signing too little of the message)…Continue Reading: The hidden threat: How misconfigured DKIM enables replay attacks

Microsoft announces new email requirements for bulk senders

Update: Includes a revision that Microsoft will now reject messages rather than moving to junk from large senders that don’t meet the sending requirements.. Everything else remains the same.  When rejected, the following message will be sent instead “550; 5.7.515 Access denied, sending domain [SenderDomain] doesn’t meet the required authentication level.” This blog: Microsoft has…Continue Reading: Microsoft announces new email requirements for bulk senders

Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC

Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA). What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email security….Continue Reading: Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC

Prepare for the Mail Check deadline

Executive Summary: The NCSC is updating its Mail Check services, discontinuing features like DMARC aggregate reporting to enhance accessibility and manage costs. Public sector organisations relying on these services should explore alternative DMARC reporting solutions to maintain email security.​ This article: Introduction The National Cyber Security Centre (NCSC) is modifying Mail Check services to discontinue certain…Continue Reading: Prepare for the Mail Check deadline

How DMARC strengthens email security and prevents attacks

Executive Summary: DMARC is a pivotal component in safeguarding your organization from phishing and BEC threats. Implementing a ‘p=reject’ policy, facilitated by Red Sift OnDMARC, ensures that only authorized entities can use your domain, enhancing email security.​ This article: Introduction We’ll admit it, we’re pretty nerdy for email security and are passionate about ensuring your organization…Continue Reading: How DMARC strengthens email security and prevents attacks

Mail Check: Navigating the new changes

Executive Summary: The NCSC’s upcoming changes to Mail Check services, including the discontinuation of DMARC aggregate reporting, necessitate that organisations find alternative solutions to maintain robust email security.​ This article: Introduction The National Cyber Security Centre (NCSC) recently proposed updates to its Mail Check coming into effect on 24 March 2025. As the service evolves to…Continue Reading: Mail Check: Navigating the new changes