DKIM

DKIM. No, it’s not a new singer/rapper/influencer/whatever. It’s a DNS controlled Email Authentication mechanism. What does that mean? Well, if you want a technical explanation, go see my article on Authorization vs Authentication, since that is important to understand if you want to understand DKIM. DKIM stands for DomainKeys Identified Mail. It uses a feature of Public Key Authentication to allow receiving mail servers to verify that the message is not modified in transit and that the sender is authentic. 

Continue Reading →

SPF, DKIM, and DMARC

The Old Horse named SMTP

Email is old. The first message sent across a computer network was sent in 1971. The current email protocol, SMTP, was codified under RFC 788 in 1981 and while it has been updated over the past 42 years (Man, I’m old), the core functionality in SMTP hasn’t changed much at all.…

Continue Reading →

Authentication VS Authorization: A Quick Explanation

The authentication vs authorization dichotomy is something every IT person should learn. The two concepts are often confused with one another, likely because they both start with “Auth.” Also because, from an end user perspective, the two work together so seamlessly that it’s hard to tell where one starts and the other stops. The difference is important, though.…

Continue Reading →

Technical Overview – Configuration Change in Name parameter for Exchange Online

If you’re an admin for a Microsoft 365 account, you probably received an email from the Microsoft Message Center titled “Configuration Change in Name parameter for Exchange Online.” The email states that Microsoft will be changing the way the Name attribute functions in Azure AD/MS 365. Unfortunately, the email and associated documentation doesn’t do a good job of explaining the reasoning and implications of the change.…

Continue Reading →

So You Want to Work in IT – Part 2 – Finding a Direction

There are a lot of different ways to take a career in IT. A lot of the time, people fall into a path in their career without really realizing. I personally fell into a focus on email because I kept getting assigned to work on email systems as a primary assignment. The more I learned about email, the more my employers began to rely on me to work with Exchange server.…

Continue Reading →

So You Want to Work in IT – Part 1 – Industry Overview

One of my great loves in IT is helping to mentor new technicians who are either just starting out or are only a couple years in. I love this kind of mentoring because it gives me the opportunity to help get people on a good path so they can succeed and become effective workers. So, I’ve decided to write up a few posts that go over some of the ins and outs of the industry so newer IT specialists or people who are just considering a career in IT can arm themselves with knowledge.…

Continue Reading →

Controlling Autodiscover with the Registry or GPO

Depending on your situation, you may want to take control of how Exchange’s Autodiscover lookup process works. Specifically, there are a lot of scenarios where Autodiscover will break because the lookup process isn’t properly controlled. In this article, I’ll go over registry settings that will let you control which steps are used and which ones are skipped.…

Continue Reading →

SChannel 36887 Errors in Windows Server

The Problem: You open up the Windows event viewer and see loads of Red SChannel 36887 errors. If you’re like most admins, you want to fix this problem, but can’t really figure out how. These errors are notoriously hard to resolve because they don’t often happen regularly. Most of the time, you don’t know the exact configuration that caused the error, so it’s impossible to replicate the errors in a way that allows you to run wireshark to figure things out directly, so you just have to go off the error message and what it includes.…

Continue Reading →

Step By Step: Adding Email Phishing Report Button to Office 365

Email security is a war between security professionals and malicious actors. Security professionals are often following malicious actors and reacting to changes. Unfortunately, success in this war is dependant on information. To aid in that effort, every major security vendor that works in the email world has some way to report bad emails. Each report can be examined to figure out what techniques were used to bypass existing security.…

Continue Reading →