(See new info at end!) Hey, big senders! It's time for another update regarding enhanced sender requirements put forth by a large mailbox provider. This time around, it is French mailbox pro…
Read more
As of July 3, 2025, Cloudflare is enforcing a new requirement for its Email Routing platform: Messages must be authenticated with either SPF or DKIM in order to be forwarded. No…
In my latest Valimail Ask Al Video , I walk through four specific email authentication failure scenarios, things that could trip you up when sending email to Microsoft recipients…
It's been a light week as far as me posting things on Spam Resource. The reason for that? I've been so busy with the release of Valimail's 2025 Disinformation and Ma…
More than one recorded video this week, huh? My apologies; I’m traveling this week and time to create content has been cut a bit short. Also, I’m admittedly quite proud of everyt…
If you're seeing SPF alignment failures when using an email service provider platform, don’t worry! This is such a common point of confusion among senders (and it even came u…
Did you know that the latest version of the PCI (Payment Card Industry) Data Security Standard references DMARC? But it wasn't quite clear to me if DMARC is specifically requ…
If you’ve run into a DKIM failure with the error "dkim=fail (no key for signature)" in the authentication results header, you’re probably wondering what’s wrong and how…
Author Domain Signing Practices (ADSP) is an add-on to DKIM email authentication. It provided domain owners with the ability to define a policy that asks mailbox providers to di…
For last week's Tuesday Tip , I shared my top five recommendations for DKIM best practices. Mostly (hopefully) easy things you can implement in your DKIM consideration, or nu…
Here's a quick peek at some new data -- and it surprised me! Of the top ten million domains , only about half of them publish SPF records. I'm not even talking about SPF …
Finally! It's time for another Spam Resource Tuesday Tip. The goal? To share short and actionable deliverability tips and tricks. More often simple hacks than deep deliverabi…
As I've done for a while now, I continue to track DMARC adoption month-by-month by caching DNS data (including DMARC records) for the " top ten million domains " da…
Last week on the Valimail blog, I shared a status update on the DKIM L= tag vulnerability that allowed bad guys to repurpose signed email messages, replace or append their own b…
The messaging around inbox placement and authentication has always been nuanced, and it's easy to misunderstand. To be clear, email authentication doesn't guarantee inbox…
Is Microsoft getting on the Yahoogle bus? Maybe that's too silly a way to frame such an important question. Let's reframe this more specifically. The question ultimately…
On Friday, May 17, 2024, security researchers from ZONE published details of a vulnerability inherent to the DomainKeys Identified Mail (DKIM) email authentication protocol – on…
It's great to see folks writing about DMARC and how important it is to email security and deliverability. It's especially wonderful to have been given the chance to inclu…
Bleeping Computer’s Sergiu Gatlan reports on a dire DMARC warning from the US National Security Agency (NSA): It seems that North Korea loves to send phishing emails, and they se…
Here’s an update to something I last answered a couple of years ago: Hey, Al! I was wondering if you could provide some guidance about SPF record format. Is it better to list th…
