Mail Transfer Agent-Strict Transport Security (MTA-STS) is a new standard that gives mail service providers the ability to enforce Transport Layer Security (TLS) to secure SMTP connections, and to specify whether sending SMTP servers should refuse to deliver emails to MX hosts that do not offer TLS with a reliable server certificate. It has been proven to successfully mitigate TLS downgrade attacks and Man-In-The-Middle (MITM) attacks.

In simpler terms, MTA-STS is an internet standard that secures connections between SMTP mail servers. The most prominent problem with SMTP is that encryption is completely optional and isn’t enforced during mail transfer. This is why SMTP adopted the STARTTLS command to upgrade from plaintext to encryption. This was a valuable step towards mitigating passive attacks; however, active network attacks and MITM attacks still remained unaddressed.

Hence, the issue MTA-STS solves is that SMTP uses opportunistic encryption, i.e. if an encrypted communication channel cannot be established, the connection falls back to plaintext. By closing this gap, MTA-STS keeps MITM and downgrade attacks at bay.

What is a TLS Downgrade Attack?

As we already know, SMTP did not come with an encryption protocol and encryption had to be retrofitted later on to enhance the security of the existing protocol by adding the STARTTLS command. If the client supports encryption (TLS), it will understand the STARTTLS verb and will initiate a TLS exchange before sending the email to ensure it is encrypted. If the client doesn’t know TLS, it will simply ignore the STARTTLS command and send the email in plaintext.

Therefore, since encryption had to be retrofitted into the SMTP protocol, the upgrade to encrypted delivery has to rely on a STARTTLS command that is sent in cleartext. A MITM attacker can easily exploit this feature by performing a downgrade attack on the SMTP connection by tampering with the upgrade command. The attacker simply replaces STARTTLS with a garbage string which the client fails to identify. Therefore, the client readily falls back to sending the email in plaintext.

The attacker usually replaces the command with a garbage string containing the same number of characters, rather than chucking it out, because this preserves the packet size and therefore makes it easier. The eight letters in the garbage string in the option command allow us to detect and identify that a TLS downgrade attack has been executed by a cybercriminal, and we can measure its prevalence.

In short, a downgrade attack is often launched as part of a MITM attack, so as to create a pathway for a cryptographic attack that would not be possible on a connection encrypted over the latest version of the TLS protocol, by replacing or deleting the STARTTLS command and rolling back the communication to cleartext.
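The detection idea described above, as an added example that is not part of the original article: it inspects a server's EHLO reply and flags the case where STARTTLS is missing but an unrecognized keyword of the same eight-character length is present. The sample replies and the list of known keywords are constructed for illustration.

```python
import re

# Keywords a server may legitimately list in its EHLO reply. Not exhaustive:
# extend it with the extensions your own mail servers advertise.
KNOWN_KEYWORDS = {
    "STARTTLS", "PIPELINING", "SIZE", "8BITMIME", "SMTPUTF8", "DSN",
    "ENHANCEDSTATUSCODES", "CHUNKING", "BINARYMIME", "AUTH", "VRFY",
    "ETRN", "HELP",
}

EHLO_LINE = re.compile(r"^250[- ](\S+)")

# Constructed sample replies (not captured traffic).
CLEAN = """250-mx.example.net Hello
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250 ENHANCEDSTATUSCODES"""
TAMPERED = CLEAN.replace("STARTTLS", "XXXXXXXX")
LEGACY = """250-old.example.org
250-SIZE 10240000
250 8BITMIME"""


def ehlo_keywords(reply: str) -> list:
    """Return the extension keywords from a multi-line 250 EHLO reply."""
    lines = [ln for ln in reply.splitlines() if ln.strip()]
    keywords = []
    # The first 250 line carries the server's greeting, not an extension.
    for line in lines[1:]:
        match = EHLO_LINE.match(line)
        if match:
            keywords.append(match.group(1).upper())
    return keywords


def suspect_keywords(reply: str) -> list:
    """Unknown keywords with the same length as STARTTLS (eight characters)."""
    return [
        kw for kw in ehlo_keywords(reply)
        if len(kw) == len("STARTTLS") and kw not in KNOWN_KEYWORDS
    ]


def classify(reply: str) -> str:
    """Classify one EHLO reply as seen by the sending server."""
    if "STARTTLS" in ehlo_keywords(reply):
        return "starttls-offered"
    if suspect_keywords(reply):
        # STARTTLS is gone and an eight-character unknown sits in the list.
        return "starttls-likely-stripped"
    # A legacy server that never offered TLS looks like this instead.
    return "starttls-absent"


if __name__ == "__main__":
    for name, reply in (("clean", CLEAN), ("tampered", TAMPERED), ("legacy", LEGACY)):
        print(name, classify(reply), suspect_keywords(reply))
```

Note that 8BITMIME is also eight characters long, which is why the check compares against a list of known keywords instead of relying on length alone.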

It is possible to enforce TLS for client-to-server communications, because for those connections we know that the apps and the server support it. However, for server-to-server communications, we must fail open to allow legacy servers to send emails. The crux of the problem is that we have no idea if the server on the other side supports TLS or not. MTA-STS allows servers to indicate that they support TLS, which allows senders to fail closed (i.e. not send the email) if the upgrade negotiation doesn’t take place, thereby making it impossible for a TLS downgrade attack to take place.


How Does MTA-STS Come to the Rescue?

MTA-STS functions by increasing the EXO or Exchange Online email security and is the ultimate solution to a wide range of SMTP security drawbacks and problems. It solves issues in SMTP security such as lack of support for secure protocols, expired TLS certificates, and certificates that are not issued by reliable third parties. 

As mail servers proceed to send out emails, the SMTP connection is vulnerable to cryptographic attacks such as downgrade attacks and MITM. Downgrade attacks can be launched by deleting the STARTTLS response, thereby delivering the message in clear text. Similarly, MITM attacks can be launched by redirecting the message to an intruder’s server over an insecure connection. MTA-STS allows your domain to publish a policy that makes sending email over encrypted TLS compulsory. If for some reason the receiving server is found to not support STARTTLS, the email will not be sent at all. This makes it impossible to instigate a TLS downgrade attack.

In recent times, the majority of mail service providers have adopted MTA-STS, making connections between servers more secure and encrypted over an updated version of the TLS protocol. This successfully mitigates TLS downgrade attacks and closes the loopholes in server communication.

PowerDMARC brings to you, speedy and easy hosted MTA-STS services which make your life a whole lot easier as we take care of all the specifications required by MTA-STS during and after implementation, such as an HTTPS-enabled web server with a valid certificate, DNS records, and constant maintenance. PowerDMARC manages all of that completely in the background so that after we help you set it up, you never even have to think about it again!

With the help of PowerDMARC, you can deploy Hosted MTA-STS at your organization without the hassle and at a very speedy pace, with the help of which you can enforce emails to be sent to your domain over a TLS encrypted connection, thereby making your connection secure and keeping TLS downgrade attacks at bay.

 

A widely known internet standard that improves the security of connections between SMTP (Simple Mail Transfer Protocol) servers is SMTP Mail Transfer Agent-Strict Transport Security (MTA-STS).

SMTP was first specified in 1982, and it did not contain any mechanism for providing security at the transport level to secure communications between mail transfer agents. In 1999, however, the STARTTLS command was added to SMTP. It supports the encryption of emails between servers, providing the ability to convert a non-secure connection into a secure one that is encrypted using the TLS protocol.

In that case, you must be wondering: if SMTP adopted STARTTLS to secure connections between servers, why was the shift to MTA-STS required? Let’s jump into that in the following section of this blog!

The Need for Shifting to MTA-STS

STARTTLS was not perfect, and it failed to address two major problems. The first is that it is an optional measure, hence STARTTLS fails to prevent man-in-the-middle (MITM) attacks. This is because a MITM attacker can easily modify a connection and prevent the encryption upgrade from taking place. The second problem is that even if STARTTLS is implemented, there is no way to authenticate the identity of the sending server, as SMTP mail servers do not validate certificates.

While most outgoing emails today are secured with Transport Layer Security (TLS) encryption, an industry standard adopted even by consumer email, attackers can still obstruct and tamper with your email even before it gets encrypted. If your emails are not transported over a secure connection, your data could be compromised or even modified and tampered with by a cyber attacker. Here is where MTA-STS steps in and fixes this issue, guaranteeing safe transit for your emails as well as successfully mitigating MITM attacks. Furthermore, MTAs store MTA-STS policy files, making it more difficult for attackers to launch a DNS spoofing attack.

MTA-STS offers protection against:

  • Downgrade attacks
  • Man-In-The-Middle (MITM) attacks
  • It solves multiple SMTP security problems, including expired TLS certificates and lack of support for secure protocols.

How Does MTA-STS Work?

The MTA-STS protocol is deployed by publishing a DNS record that specifies that a mail server can fetch a policy file from a specific subdomain. This policy file is fetched via HTTPS and authenticated with certificates, and it contains the list of names of the recipient’s mail servers. Implementing MTA-STS is easier on the recipient’s side than on the sending side, as sending requires support in the mail server software. While some mail servers, such as Postfix, support MTA-STS, not all do.
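How a sending server can evaluate such a policy, as an added example that is not code from the original article or from any mail server: it parses a policy file in the RFC 8461 format (announced by a TXT record at `_mta-sts.<domain>` and served from `https://mta-sts.<domain>/.well-known/mta-sts.txt`), matches an MX host against it, and decides whether to deliver. The sample policy is constructed, and the `starttls_offered` and `cert_valid` inputs are assumed to come from the SMTP session.

```python
from dataclasses import dataclass, field

# Constructed sample policy file for the placeholder domain example.com.
SAMPLE_POLICY = """version: STSv1
mode: enforce
mx: mail.example.com
mx: *.example.net
max_age: 86400
"""


@dataclass
class Policy:
    mode: str = "none"
    max_age: int = 0
    mx: list = field(default_factory=list)


def parse_policy(text: str) -> Policy:
    """Parse the key/value lines of an MTA-STS policy file."""
    policy = Policy()
    version = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "version":
            version = value
        elif key == "mode":
            policy.mode = value
        elif key == "max_age":
            policy.max_age = int(value)
        elif key == "mx":
            # The mx key may repeat: one line per permitted MX pattern.
            policy.mx.append(value.lower().rstrip("."))
    if version != "STSv1":
        raise ValueError("not an STSv1 policy")
    if policy.mode not in ("enforce", "testing", "none"):
        raise ValueError("unknown mode: " + policy.mode)
    return policy


def mx_allowed(host: str, policy: Policy) -> bool:
    """True if the MX host name matches one of the policy's mx patterns."""
    host = host.lower().rstrip(".")
    for pattern in policy.mx:
        if pattern.startswith("*."):
            # A wildcard covers exactly one left-most label.
            _, _, parent = host.partition(".")
            if parent == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False


def delivery_decision(policy: Policy, mx_host: str,
                      starttls_offered: bool, cert_valid: bool) -> str:
    """Decide what the sender does with a message for this MX host."""
    ok = mx_allowed(mx_host, policy) and starttls_offered and cert_valid
    if ok or policy.mode == "none":
        return "deliver"
    if policy.mode == "testing":
        # Validation failed, but the domain only asked to be told about it.
        return "deliver-and-report"
    # mode: enforce fails closed, which defeats a stripped STARTTLS.
    return "refuse"


if __name__ == "__main__":
    p = parse_policy(SAMPLE_POLICY)
    print(delivery_decision(p, "mail.example.com", True, True))
    print(delivery_decision(p, "mail.example.com", False, False))
```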


Major mail service providers such as Microsoft, Oath, and Google support MTA-STS. Google’s Gmail has already adopted MTA-STS policies in recent times. MTA-STS has removed the drawbacks in email connection security by making the process of securing connections easy and accessible for supported mail servers.

Connections from users to mail servers are usually protected and encrypted with the TLS protocol; despite that, connections between mail servers lacked security before the implementation of MTA-STS. With a rise in awareness about email security in recent times and support from major mail providers worldwide, the majority of server connections are expected to be encrypted in the near future. Moreover, MTA-STS effectively ensures that cybercriminals on the networks are unable to read email content.

Easy and Speedy Deployment of Hosted MTA-STS Services by PowerDMARC

MTA-STS requires an HTTPS-enabled web server with a valid certificate, DNS records, and constant maintenance. PowerDMARC makes your life a whole lot easier by handling all of that for you, completely in the background. Once we help you set it up, you never even have to think about it again.

With the help of PowerDMARC, you can deploy Hosted MTA-STS at your organization without the hassle and at a very speedy pace, with the help of which you can enforce emails to be sent to your domain over a TLS encrypted connection, thereby making your connection secure and keeping MITM attacks at bay.

 

 

With the ongoing surge in phishing attacks, email and domain spoofing attacks, BEC, and other fraudulent activities by cybercriminals, an extra layer of security and email protection is always a good idea! Recipients of emails are growing more and more suspicious of the messages landing in their inboxes due to the rise in cyber attacks. The solution? A well-rounded email security suite that includes BIMI implementation.

A recent survey conducted by security professionals in the US disclosed that 60% of US citizens claim to have fallen prey to a cyber scam or know of someone who has been affected by the same, in their close circle, post-pandemic. Therefore, in order to provide their emails with an additional layer of protection, businesses need to implement a new standard like Brand Indicators for Message Identification (BIMI), as it promises to take consumer confidence to the next level.

What is BIMI?

BIMI stands for Brand Indicators for Message Identification, which is a newly formed standard of email authentication that affixes your brand’s logo to all emails authorized by you. This may feel like a very small step, but visual verification can in fact increase your brand’s credibility by allowing receivers to recognize and trust the emails you send out from your business email domain.

You might be wondering, if you already have DMARC implemented in your organization, that makes use of SPF and DKIM authentication standards, do you even need BIMI? Let us discuss in brief how each of these standards functions to authenticate inbound emails:

  • SPF authenticates your emails by identifying the mail servers that are allowed to send emails from your email domain, as listed in the SPF record.
  • DKIM authenticates emails by adding a digital signature to them, allowing the receiver to check whether an email claiming to be coming from a specific domain was indeed authorized by the owner of that domain.
  • DMARC specifies to inbox providers how to respond to emails that fail SPF and DKIM email authentication.
  • BIMI affixes your brand’s logo to the emails you send out to your employees, partners, and customers so that they can promptly identify that it is from an authorized source.

Therefore it is quite evident from the discussion above that among all the email authentication protocols, BIMI is the only standard that provides a scope for visual identification, offering email receivers a visual clue to identify the email source and recognize its authenticity.


BIMI Implementation- A Brief Guide

BIMI is an emerging and still evolving authentication standard. As of yet, only Yahoo! Mail has officially adopted the technology. For this reason, BIMI does not guarantee the display of your brand logo, as it works only with supported email clients. There are a few essential steps to follow prior to BIMI implementation:

  • In order to implement BIMI at your organization, your domain must be DMARC-authenticated at a policy level of enforcement, i.e. either reject or quarantine.
  • You must create and upload an SVG file of your brand’s logo as per the BIMI requirements to a server so that it is accessible from anywhere.
  • You have to create a BIMI record, which, similar to a DMARC record is essentially a string that consists of multiple tags, separated by semicolons.
  • You need to have access to your domain’s DNS to publish this new BIMI record.
  • It is a rather useful practice to check the validity of your BIMI record after it is published in your DNS.

How can BIMI implementation prove to be advantageous for your business?

BIMI is an email authentication protocol that exercises visual identification to help email receivers recognize and trust your brand in the inbox. This trust prevents customers and partners from unsubscribing from your services and keeps spam complaints at bay as well, which can subsequently lead to a boost in email deliverability.

Without BIMI, a generic placeholder logo with brand initials is displayed by email clients. Due to this reason, the recipient might have a hard time recognizing your brand without resorting to the brand name. However, with BIMI implemented, the brand logo is displayed next to your email message, boosting brand awareness.

In addition to that, it is an extra layer of email security against domain spoofing attacks, phishing attacks, and other attempts at impersonation as receivers would be more wary about cybercriminals posing to be you.

Furthermore, BIMI allows you to market your brand. Yes, you heard me right! Sometimes recipients do not have a lot of time on hand, and your subject line might not be compelling enough to click on at the moment. Regardless of that, your recipients will connect your sender address, subject line, and preheader text with your logo, helping further build your brand.

Lastly, BIMI implementation also has a very positive impact on your email deliverability rate! For mailbox providers who do support BIMI, it will add another layer of email authentication to your messages, thereby increasing the chance of them delivering your email more promptly. In addition to that, your email receivers can visually identify and recognize your brand, through the displayed logo, decreasing the chances of them marking it as spam.

Ease up Your BIMI Implementation Process with PowerBIMI

With PowerBIMI we make BIMI record publishing very speedy and simple for you! All you have to do is upload your SVG image; we will host it securely and provide you with a DNS record instantly, so that you can publish it in your DNS. We take the pain of hosting and securing the image off your shoulders.

With PowerBIMI you can update, delete or make any changes to your image, at any time, without the need to update your DNS records again. PowerBIMI provides you with a very speedy and easy one-click implementation procedure to upload your logo and shift to BIMI authentication successfully, adding it as a part of your email security suite after signing up for a free BIMI record.

Shoppers from around the world wait intently for the days following up to Thanksgiving, especially in the US, to grab the best deals on Black Friday. Major retail stores and e-commerce platforms from around the world dealing in a wide range of products launch their coveted Black Friday sales, dispensing products at striking discount rates to their scalable customer base.

However, while it is a time for these organizations to make a lot of money, it is also a time when cybercriminals are the most active! Researchers from around the world have concluded that there is a steep surge in the number of spoofing and phishing attacks, leading up to Black Friday. To protect your online shoppers from falling prey to these spoofing attempts, implementing DMARC as an integral part of your workplace security policy is imperative.

Spoofing Attacks- Exploring the Threat Landscape on Black Friday

Spoofing is essentially an impersonation attack that is a more sophisticated attempt at implicating a renowned brand or organization. Spoofing attacks may be launched by deploying various methods. The cybercriminals may target more technical elements of an organization’s network, such as an IP address, domain name system (DNS) server, or Address Resolution Protocol (ARP) service, as part of a spoofing attack.

Research reveals that there is a steep increase in impersonation and spoofing attempts in the days leading up to Black Friday every single year, and yet 65% of the leading online retail stores and e-commerce platforms as of 2020 have no published DMARC record whatsoever!

Wondering what the consequence might be?

The main agenda of cybercriminals while spoofing your domain name is to send out fraudulent emails integrated with phishing links. The attacker tries to lure in your brand’s esteemed customer base with hollow promises of providing unbelievable offers and discount coupons on Black Friday while posing as your customer support. Vulnerable customers who have been shopping on your platform for years and trust your company, wouldn’t think twice before opening the email and trying to avail of the offers.

Using this tactic, attackers spread ransomware and malware, instigate money transfers, or try to steal confidential information from consumers.

Ultimately, your company might end up facing legal repercussions, suffer a blow to its reputation, and lose the confidence of its customers. For these reasons, it’s wise to learn about how you can protect your brand from the surge in spoofing attacks this Black Friday.

Protect Your Business from Spoofing Attacks with DMARC

It is unnatural to expect your consumers to be aware of the changing trends and tactics of cybercriminals, which is why you should be proactive and take necessary action to prevent attackers from using your domain name to carry out malicious activities this Black Friday.

The best and easiest way to ensure that? Implement a leading-edge DMARC-based email authentication tool in your organization at once! Let’s count down the benefits of it:

AI-Driven Email Authentication

You can stop attackers from forging your email header and sending out phishing emails to your customers with the DMARC analyzer tool that makes use of SPF and DKIM email authentication technologies to block out spoofed emails before they can manage to land in the receiver’s inbox.

Publishing a DMARC record enables you to be in total control of your email channels by verifying each and every sending source and enjoying the freedom of optimizing your DMARC policy (none, quarantine or reject) as per your requirements.

DMARC reporting and monitoring

A DMARC-based authentication and reporting tool like PowerDMARC extends the facilities provided by DMARC by including provisions to report and monitor spoofing and phishing activities in real-time, without affecting your email deliverability rate. Through threat mapping, you can find out the geo-locations of the abusers of your IP address including reports on their history of domain abuse, and blacklist them with the click of a button!

This not only provides you with adequate visibility of your brand’s email domain but also empowers you to monitor any attempts at impersonation and stay updated on the changing tactics of cybercriminals. By monitoring your email reports, you can see which ones passed, failed, or didn’t align with DMARC and at which stage, to get to the root of the problem so that you can take action against it. Comprehensive and readable reports on the same take you through every detail, from SPF verification to DKIM records, highlighting all the IPs that failed DMARC authentication.

Staying under the DNS look-up limit

Your company may have various third-party vendors making it difficult for you to stay under the 10 DNS lookup limit provided by SPF. If you exceed the limit, your SPF will fail, making the implementation useless. However, upgrading to PowerSPF keeps your lookup limit under check by giving you the ability to add/remove senders from your SPF record without ever exceeding the 10 DNS lookup limit.

Enhance Your Brand Recall with BIMI

To provide your email domain with a second layer of authentication and credibility, you should confide in a hosted BIMI record. Brand Indicators for Message Identification (BIMI) is exactly what you need in times like these, to flatten the surge in spoofing attacks prior to Black Friday. This standard affixes your exclusive brand logo on every email you send out to your customer base, letting them know it’s you and not an impersonator.

  • BIMI enhances brand recall and reinforces brand image among your customers, letting them visually confirm that the email is genuine.
  • It increases brand credibility and reliability
  • It improves email deliverability

Upgrade your organization’s security suite and protect your brand against domain abuse this Black Friday with PowerDMARC. Book a demo or sign up for a free DMARC trial today!

All right, you’ve just gone through the whole process of setting up DMARC for your domain. You published your SPF, DKIM and DMARC records, you analysed all your reports, fixed delivery issues, bumped up your enforcement level from p=none to quarantine and finally to reject. You’re officially 100% DMARC-enforced. Congratulations! Now only your emails reach people’s inboxes. No one’s going to impersonate your brand if you can help it.

So that’s it, right? Your domain’s secured and we can all go home happy, knowing your emails are going to be safe. Right…?

Well, not exactly. DMARC is kind of like exercise and diet: you do it for a while and lose a bunch of weight and get some sick abs, and everything’s going great. But if you stop, all those gains you just made are slowly going to diminish, and the risk of spoofing starts creeping back in. But don’t freak out! Just like with diet and exercise, getting fit (i.e. getting to 100% enforcement) is the hardest part. Once you’ve done that, you just need to maintain it on that same level, which is much easier.

Okay, enough with the analogies, let’s get down to business. If you’ve just implemented and enforced DMARC on your domain, what’s the next step? How do you continue keeping your domain and email channels secure?

What to Do After Achieving DMARC Enforcement

The #1 reason that email security doesn’t simply end after you reach 100% enforcement is that attack patterns, phishing scams, and sending sources are always changing. A popular trend in email scams often doesn’t even last longer than a couple of months. Think of the WannaCry ransomware attacks in 2018, or even something as recent as the WHO Coronavirus phishing scams in early 2020. You don’t see much of those in the wild right now, do you?

Cybercriminals are constantly changing their tactics, and malicious sending sources are always changing and multiplying, and there’s not much you can do about it. What you can do is prepare your brand for any possible cyberattack that could come at you. And the way to do that is through DMARC monitoring & visibility.

Even after you’re enforced, you still need to be in total control of your email channels. That means you have to know which IP addresses are sending emails through your domain, where you’re having issues with email delivery or authentication, and identify and respond to any potential spoofing attempt or malicious server carrying a phishing campaign on your behalf. The more you monitor your domain, the better you’ll come to understand it. And consequently, the better you’ll be able to secure your emails, your data and your brand.

Why DMARC Monitoring is So Important

Identifying new mail sources
When you monitor your email channels, you’re not just checking to see if everything’s going okay. You’re also going to be looking for new IPs sending emails from your domain. Your organization might change its partners or third party vendors every so often, which means their IPs might become authorized to send emails on your behalf. Is that new sending source just one of your new vendors, or is it someone trying to impersonate your brand? If you analyse your reports regularly, you’ll have a definite answer to that.

PowerDMARC lets you view your DMARC reports according to every sending source for your domain.

Understanding new trends of domain abuse
As I mentioned earlier, attackers are always finding new ways to impersonate brands and trick people into giving them data and money. But if you only ever look at your DMARC reports once every couple of months, you’re not going to notice any telltale signs of spoofing. Unless you regularly monitor the email traffic in your domain, you won’t notice trends or patterns in suspicious activity, and when you are hit with a spoofing attack, you’ll be just as clueless as the people targeted by the email. And trust me, that’s never a good look for your brand.

Find and blacklist malicious IPs
It’s not enough just to find who exactly is trying to abuse your domain, you need to shut them down ASAP. When you’re aware of your sending sources, it’s much easier to pinpoint an offending IP, and once you’ve found it, you can report that IP to their hosting provider and have them blacklisted. This way, you permanently eliminate that specific threat and avoid a spoofing attack.

With Power Take Down, you find the location of a malicious IP, their history of abuse, and have them taken down.

Control over deliverability
Even if you were careful to bring DMARC up to 100% enforcement without affecting your email delivery rates, it’s important to continuously ensure consistently high deliverability. After all, what’s the use of all that email security if none of the emails are making it to their destination? By monitoring your email reports, you can see which ones passed, failed or didn’t align with DMARC, and discover the source of the problem. Without monitoring, it would be impossible to know if your emails are being delivered, let alone fix the issue.

PowerDMARC gives you the option of viewing reports based on their DMARC status so you can instantly identify which ones didn’t make it through.

 

Our cutting-edge platform offers 24×7 domain monitoring and even gives you a dedicated security response team that can manage a security breach for you. Learn more about PowerDMARC extended support.

Why do I Need DKIM? Isn’t SPF Enough?

Remote working has exposed people to an increased number of phishing attacks and cyberattacks. The worst phishing attacks are mostly those that one can’t ignore. No matter the amount of work emails being received and sent, and despite the rise in workplace chat and instant messaging apps, for most people working in offices, email continues to dominate business communication both internally and externally.

However, it’s no secret that emails are usually the most common entry point for cyberattacks, which involve sneaking malware and exploits into the network, going after credentials, and revealing sensitive data. According to data from SophosLabs in September 2020, around 97% of the malicious spam caught by the spam traps were phishing emails, hunting for credentials or any other information.

The remaining 3% was a mixed bag of messages carrying links to malicious websites or booby-trapped attachments. These mostly aimed to install backdoors, remote access trojans (RATs), information stealers, or exploits, or to download other malicious files.

No matter what the source, phishing remains a frighteningly effective tactic for attackers, whatever their final objective may be. There are some robust measures all organizations can use to verify whether or not an email has come from the person and source that it claims to have come from.

How Does DKIM Come to the Rescue?

An organization’s email security must be able to check every incoming email against the authentication rules set by the domain that the email appears to have come from. DomainKeys Identified Mail (DKIM) looks into an inbound email in order to check that nothing has been altered. For emails that are legitimate, DKIM will find a digital signature linked to a specific domain name.

This domain name is attached to the header of the email, and there is a corresponding encryption key back at the source domain. The greatest advantage of DKIM is that it provides a digital signature on your email headers so that the servers receiving them can cryptographically authenticate those headers, deeming them valid and original.

The headers typically signed are ‘From’, ‘To’, ‘Subject’ and ‘Date’.

Why Do You Need DKIM?

Experts in the field of cybersecurity state that DKIM is very much needed in day-to-day use for securing official emails. In DKIM, the signature is generated by the MTA (Mail Transfer Agent), which creates a unique string of characters called the hash value.

The hash value is stored in the listed domain. After receiving the email, the receiver can verify the DKIM signature by using the public key that is registered in the Domain Name System (DNS). This key is used to decrypt the hash value in the header, and the receiver also recalculates the hash value from the email that it received.

If these two DKIM signatures are a match, then the MTA knows that the email hasn’t been altered. Additionally, the user is given further confirmation that the email was actually sent from the listed domain.

DKIM was originally formed in 2004 by merging two station keys, DomainKeys (the one created by Yahoo) and Identified Internet Mail (by Cisco), and has been developing into a widely adopted authentication technique that makes an organization’s email procedure trustworthy, which is specifically why leading tech companies like Google, Microsoft and Yahoo always check incoming mail for DKIM signatures.
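The "recalculate the hash and compare" step described above, as an added example that is not part of the original article: it recomputes the body hash the way RFC 6376 defines it for relaxed canonicalization with SHA-256 and compares it with the `bh=` tag of a DKIM-Signature header. The message, selector and signature header are constructed, and the block covers only the body-hash half of verification; checking the `b=` signature over the headers with the DNS public key is left out.

```python
import base64
import hashlib
import re


def relaxed_body(body: bytes) -> bytes:
    """Canonicalize a message body with DKIM's 'relaxed' algorithm."""
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    # Collapse runs of spaces/tabs to one space, drop whitespace at line end.
    canon = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    # Ignore all empty lines at the end of the body.
    while canon and canon[-1] == b"":
        canon.pop()
    return b"".join(ln + b"\r\n" for ln in canon)


def body_hash(body: bytes) -> str:
    """Base64 SHA-256 of the canonicalized body, as carried in the bh= tag."""
    digest = hashlib.sha256(relaxed_body(body)).digest()
    return base64.b64encode(digest).decode("ascii")


def body_matches(signature_header: str, body: bytes) -> bool:
    """Compare the bh= value in a DKIM-Signature header with the body received."""
    match = re.search(r"\bbh=([^;]*)", signature_header)
    if not match:
        return False
    claimed = "".join(match.group(1).split())  # header folding may add spaces
    return claimed == body_hash(body)


# Constructed message body and signature header; b= is a placeholder because
# this block does not perform the public-key check.
ORIGINAL = b"Hello team,\r\nInvoice 1042 is attached.\r\n"
SIGNATURE = (
    "v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=selector1; "
    "h=from:to:subject:date; bh=" + body_hash(ORIGINAL) + "; b=PLACEHOLDER"
)

if __name__ == "__main__":
    reflowed = b"Hello   team, \r\nInvoice 1042 is attached.\r\n\r\n\r\n"
    altered = b"Hello team,\r\nInvoice 1042 is attached. Pay to account 999.\r\n"
    print("unchanged:", body_matches(SIGNATURE, ORIGINAL))
    print("whitespace only:", body_matches(SIGNATURE, reflowed))
    print("content altered:", body_matches(SIGNATURE, altered))
```

Whitespace-only changes made by relays still match under relaxed canonicalization, while any change to the content does not.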

DKIM Vs. SPF

Sender Policy Framework (SPF) is a form of email authentication that defines a process for validating that an email message has been sent from an authorized mail server, in order to detect forgery and prevent scams.

While most people hold the opinion that both SPF and DKIM must be used in organizations, DKIM certainly has an added advantage over the others. The reasons are as follows:

  • In DKIM, the domain owner publishes a cryptographic key, which is specifically formatted as a TXT record in the overall DNS record
  • The unique DKIM signature that is attached to the header of the message makes it more authentic
  • Using DKIM proves to be more fruitful because the DKIM key used by inbound mail servers to detect and decrypt the message’s signature proves the message to be more authentic, and unaltered.

In Conclusion

For most business organizations, DKIM would not only protect their businesses from phishing and spoofing attacks, but also help in protecting customer relationships and brand reputation.

This is specifically important as DKIM provides an encryption key and a digital signature which doubly proves that an email wasn’t forged or altered. These practices would help organizations and businesses move one step closer to improving their email deliverability and sending secure email, which would help in generating revenue. Mostly, it depends on organizations as to how they use and implement it. This is most important and relatable as most organizations want to free themselves from cyber attacks and threats.