So while at InteropITX, the use case was given that your employees should expect a consistent signature from co-workers to ensure phishing hasn’t been used to gather information from internal staff to coordinate an attack. HOWEVER, “Thanks, -Jake” is no cryptographically sane signature, and it’s not HARD to sign emails with your private key, —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512 Continue reading What is a real email signature.
A few weeks ago I had the honor of being a guest on a podcast! This is a first for me as the closest to speaking publicly have been at small, 20’sh tech meetups, not the same. I tell you what these guys are really good at their job, they did a ton of research, had great questions (many of Continue reading Datanauts Podcast Episode 081 – Secure Email Infrastructure
Step 1) Download Nartac for IIS Step 2) Run and select Best Practices (Disables SSLv2/SSLv3) Step 3) Reboot That’s it, if you want the long and hard way, follow this technet article. What does this tool do? It makes registry changes to your schannel which applies to all TLS channels, either HTTPS, SMTPS, or STARTTLS (others if you have them)
While working on figuring out a way to block email sent to and from external users, without blocking email to or from internal domain and allowing relay…. I had this idea: What if I could check the SPF record of a domain when checking the from header of a domain. This would allow me to dynamically permit emails from any Continue reading Postfix Outbound SPF Checker Idea
Hey All, It’s been a while and I finally got around to updating my postfix cluster to send email over my OpenVPN tunnel with standard ports to my local zimbra server instead of using a non-standard port over the wan. While I was at it, I figured I’d trying pushing IPv6 and here’s how that went. A little backstory, my Zimbra Continue reading IPv6 OpenVPN Tunneling with Asus MerlinWRT and Postfix Smarthost over v6 Tunnels
So recently I had a client that wanted any email sent to any domain to arrive in all email systems, why? can’t tell you that but it is possible and here’s 2 solutions how. Build your own email filter based on postfix, do all your anti-spam, anti-spoofing and email routing there, here’s a great post on how that works from PJR Continue reading Dual Delivery, Dual Cloud, Office 365 and Google Apps, and and and and…