The Terry Zink Security Talk blog comes to an end

Some of you may have noticed that the amount that I post on this blog has lessened over the years, and especially this year. This is not for lack of ideas, but simply lack of time to write good, in-depth articles. However, irrespective of that, this is my last blog post on this blog. After…

1

The unauthenticated sender ‘?’ comes to Outlook

About a year ago, in Office 365, we released the feature that – similar to Gmail – Outlook Web Access stamps a ‘?’ in the sender photo when the message is not authenticated with either SPF or DKIM. Well, I was pleasantly surprised to see this morning it’s also in Outlook (for Windows, not sure…

0

Chasing the (very) long tail of unauthenticated domains

One of the requests that frequently crosses my desk (computer screen) is a vulnerability claim that a certain domain that is owned by Microsoft is prone to spoofing because it does not have email authentication records – neither SPF, DKIM, nor DMARC. Because this can be used to spoof, it is a vulnerability. Microsoft Corporation owns…

0