Guidance

Email security standards

This guidance explains how you can apply common security standards in your organisation to secure email.

• From: Central Digital and Data Office
• Published: 19 February 2016
• Last updated: 15 March 2021 — See all updates

Documents

Using Domain-based Message Authentication, Reporting and Conformance (DMARC) in your organisation

Using DomainKeys Identified Mail (DKIM) in your organisation

Using Sender Policy Framework (SPF) in your organisation

Using Transport Layer Security (TLS) in your organisation

Using the Mail Transfer Agent Strict Transport Security (MTA-STS) protocol in your organisation

Using TLS Reporting (TLS-RPT) in your organisation

Details

Read this guidance to understand how Domain-based Message Authentication, Reporting & Conformance (DMARC), DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF) and Transport Layer Security (TLS) are used in email security.

Published 19 February 2016
Last updated 15 March 2021 + show all updates

1. 15 March 2021

   Adding pages on the MTA-STS and TLS-RPT protocols

2. 19 February 2016

   First published.