<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=62700&amp;fmt=gif">
ValiMail
Valimail’s Email Authentication as a Service ™ gives you full control and visibility of your email services.

An Open Letter to the Trump Administration

An Open Letter to the Trump Administration
The unofficial hat.

Dear President-Elect Trump:

As you take office on January 20, we are writing with a modest proposal: Make email great again.

In particular, we ask you to take steps to restore the public’s trust in government email.

Right now, it’s far too easy for devious people, whether they are agents of a foreign power or just a 400-pound hacker sitting on a bed somewhere, to impersonate Federal agencies. It’s as simple as putting “NSA.gov” in the From: line of his email message, and Joe Cyber can make it look like he is actually the new director of the NSA sending you an email message.

That’s because too many agencies are not taking advantage of open email authentication standards. Email authentication means that whenever you receive an email, you can trust that it comes from where it appears to come from. It’s like a certified, validated return address.

But as the commander in chief of the United States, you will want citizens to trust their government, not be suspicious of every email that it appears to send them.

Besides, we know cybersecurity is important to you and to the office of President.

The good news is that you can have a big impact, immediately. Frankly, email authentication among Federal agencies is a mess.

Here are some of the Federal domains that don’t have email authentication, or which have set something up but have serious problems:

Here are a few that have some basic authentication (via a standard called SPF), but lack the most modern, most effective form (called DMARC):

In fact, of the 10 Federal domains we checked today, only one — SSA.gov — has complete email authentication in place and working properly.

Here’s an easy win: Include email authentication in that hacking defense report you promised.

Then ask your cyber people to implement email authentication (including DMARC) for all of these agencies. You will immediately cut off a big potential source of fraud. You will have slammed the door on hackers who start their attacks through phishing emails, greatly increasing the public’s peace of mind.

And you will have done your part to wipe out email’s original sin.

Respectfully,

The Team at ValiMail

Security Email Cybersecurity Donald Trump Hackers

ValiMail
Valimail’s Email Authentication as a Service ™ gives you full control and visibility of your email services.
The ValiMail Blog: Return to Sender

The ValiMail Blog: Return to Sender

Everything you ever wanted to know (but were afraid to ask) about email authentication DMARC, SPF, DKIM, and how they can stop fraud and phishing.