New Encryption Minimums by June 2018

Transport Layer Security (TLS) is a cryptographic protocol that provides secure communications over the Internet. The initial release of TLS has known vulnerabilities and is no longer considered secure.

To ensure the security and integrity of email, most email hosts and servers will be requiring upgrades to the current version TLS. Google (the 800-lb gorilla in the email world) is also pushing for full sender authentication records in the Domain Name Servers (DNS). There are 2 records which verify the sender and one that tells the receiver what to do with any emails that fail either of the first two tests. To ensure you and your organization’s email continues to be delivered after June 2018, the following changes must be made:

  • Sender Policy Framework (SPF) is an email authentication protocol allowing the owner of a domain to specify which mail servers they use to send mail. The receiving email server will check the SPF record against the server actually sending the email. If the sending server isn’t listed in that SPF record, the message fails SPF authentication, and may be rejected.
  • DomainKeys Identified Mail (DKIM) allows an organization to take responsibility for transmitting a message in a way that can be verified by mailbox providers. This verification is made possible through cryptographic authentication.
  • Domain-based Message Authentication, Reporting & Conformance (DMARC) verifies email is authenticated against DKIM and SPF standards, and that fraudulent activity is blocked.

All MintzIT business clients under contract will have their email servers and protocols upgraded between March 13 and April 30. You should not notice any interference with your email flow or other IT activity.

If MintzIT is not under contract with your organization, we can still perform this work for you.

It is estimated this work will take no more than 2 hours, and can be done remotely.

To schedule your email security upgrade, contact MintzIT at 888.479.0690×1.