DKIM. No, it’s not a new singer/rapper/influencer/whatever. It’s a DNS-controlled email authentication mechanism. What does that mean? Well, if you want a technical explanation, go see my article on Authorization vs Authentication, since that is important to understand if you want to understand DKIM. DKIM stands for DomainKeys Identified Mail. It uses a feature of Public Key Authentication to allow receiving mail servers to verify that the message is not modified in transit and that the sender is authentic. …
The Old Horse named SMTP
Email is old. The first message sent across a computer network was sent in 1971. The current email protocol, SMTP, was codified under RFC 788 in 1981 and while it has been updated over the past 42 years (Man, I’m old), the core functionality in SMTP hasn’t changed much at all.…
The authentication vs authorization dichotomy is something every IT person should learn. The two concepts are often confused with one another, likely because they both start with “Auth.” Also because, from an end user perspective, the two work together so seamlessly that it’s hard to tell where one starts and the other stops. The difference is important, though.…
Email security is a war between security professionals and malicious actors. Security professionals are often following malicious actors and reacting to changes. Unfortunately, success in this war is dependent on information. To aid in that effort, every major security vendor that works in the email world has some way to report bad emails. Each report can be examined to figure out what techniques were used to bypass existing security.…
An important security concept that has cropped up over the past few years is Multi-Factor Authentication (MFA). Its predecessor, 2 Factor Authentication, has been around for decades but has become less common recently due to some inherent flaws. Put simply, both techniques improve security, but how? To get to that, let’s go through the MFA acronym backward, so I can explain how things come together.…
Update: Due to some changes in how MS handles MFA in O365, I’ve had to completely re-write this article. Updated instructions follow.
MFA in O365
Office 365 MFA is probably the best thing to enable for securing the environment. Microsoft has gone through a number of iterations on setting this up, but has finally ended with the existing settings.…
What are Cloud Service Providers
Moving from a traditional IT infrastructure to a cloud-based or hybrid infrastructure is a complicated undertaking. Cloud systems will reduce the level of control an organization has over their application, and getting the right setup is sometimes difficult. This is where Cloud Service Providers (CSP) come in. I should first point out that CSP is a Microsoft term for organizations that partner with them to provide migration, administration, architectural, security, and development services to their customers.…
What does “Shared Responsibility” Mean
“Shared Responsibility” explains the demarcation line between what a cloud provider controls and what a cloud consumer controls. In a traditional DIY IT environment, responsibility for everything rests entirely on the business and its IT personnel. Electricity, physical security, hardware, software, and everything else has to be purchased, installed, maintained, and administered by the company directly or through an intermediary.…
Though you may not know it, DNS (or Domain Name System) is probably the most used thing on the Internet. In fact, you’re using it right now. For those who don’t know what DNS is or does, it is the system we use to translate Domain Names to IP Addresses.
What is DNS?
DNS was created to allow easy creation, distribution, and update of “Internet Names.”…
Take a minute to go over this post from Dirk-jan Mollema. Go ahead and read it. I’ll wait…
Did you realize how scary that kind of attack is? As an IT guy who specializes in Exchange server and loves studying security, that article scared the snot out of me. Based on my experience with organizations of all sizes I can say with a good bit of authority that almost every Exchange organization out there is probably vulnerable to this attack.…