Sharp rise in use of DMARC, SPF, DKIM and DANE for mail

DNSSEC as a basis for secure mail transmission

With the cryptographic DNSSEC infrastructure firmly established, great progress is now being made securing the transmission of e-mail traffic. DANE is increasingly well supported by e-mail software. And, here in the Netherlands, the government is proving to be a committed driver of DMARC, SPF and DKIM implementation.

Tim Draegen, co-inventor of the DMARC standard, recently received a certificate from the government in recognition of DMARC's addition to the 'use-or-explain' list. Since then, government and semi-government organisations have been obliged to implement the standards when procuring new ICT systems and services. What's more, according to the latest Joint Ambition Statement, the aim is to adopt the strictest DMARC setting ('p=quarantine' or 'p=reject') for all government domains by the end of 2019.

BartKnubben-20180830_oorkonde_tim_draegen

The two associated standards (SPF and DKIM) had previously been added to the 'use-or-explain' list. The strictest SPF setting — '~all' of '-all' — is also to be implemented by the end of next year.

DANE for mail

Meanwhile, mail software developers are continuing to work on the implementation of DANE, a cryptographic technique for anchoring TLS certificates in the mail system. For example, port25 recently announced that it had implemented DANE validation (for outgoing mail) in version 5.0 of its PowerMTA bulk-mailer. Manvendra Bhangui, lead developer of the IndiMail MTA, added DANE validation to release 2.5 of the program last spring.

The Forum for Standardisation is now investigating whether DANE validation for outgoing mail and DANE certificate pinning for incoming mail should also be added to the 'use-or-explain' list. At the start of this year, the European Commission recognised DANE for both mail and the web as an official standard for use in procurement.

Comments

  • Monday 12 November 2018

    Internet security

    Watch out! Fake Tikkie domain name used in scam

    Tikkie-thumb

    Case: Tikkie domain name scam

    Read more
  • Monday 15 April 2019

    Knowledge

    Dutch primary school pupils need better digital skills

    Onderzoek-digitale-vaardigeheden-in-het-onderwijs-2018-homepage

    Digital skills should be a fixed part of the curriculum, say teachers and parents

    Read more
  • Friday 1 February 2019

    Internet security

    Fake webshops taken off line much sooner

    Thumb-woman-buys-shoes-online-on-tablet

    Faster detection and take-down procedure means less fraud

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.