Trustworthy Email DRAFT

If you would like to have a horse in this race, comments by Nov 30, 2015:
This draft guide includes recommendations for the deployment of domain-based authentication protocols for email as well as end-to-end cryptographic protection for email contents.

Technologies recommended in support of core Simple Mail Transfer Protocol (SMTP) and the Domain Name System (DNS) include mechanisms for authenticating a sending domain:
  • Sender Policy Framework (SPF)
  • Domain Keys Identified Mail (DKIM)
  • Domain based Message Authentication, Reporting and Conformance (DMARC)
Email content security is facilitated through encryption and authentication of message content using S/MIME and/or Transport Layer Security (TLS) with SMTP.

url: http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-177
 
I haven't looked through the whole thing yet but I find those three things listed - SPF, DKIM & DMARC (and TLS) are pretty much required to run a mail system these days.

The big cloud providers like Gmail and Outlook.com are slowly taking over. If you don't want them dropping perfectly legitimate emails without trace or putting them in a Junk folder most users can't find, everything needs to be perfect. If not, get ready for the user complaints about you 'not being compatible' with these global services.
 