tools
What do you do for DMARC monitoring reporting? I’ve used OnDMARC by Redsift, dmarcian and EasyDMARC and I like different things about all three of them. I’d say they’re all worth looking at, but I don’t want to dive too deeply down the hole of which one is best for SMB, enterprise, etc. I could spend many hours investigating (and I’ve already spent a few) and who knows if I would come up with the best answer. (I’ve also looked at the Postmark free tier and it seems like it might be “good enough” for really small senders with light needs.) But together, that’s only four out of the universe of DMARC solution vendors out there. Is there a master list somewhere, with every possible one on it? It turns out that there is! DMARCVendors.com tries to be just that. I’m not sure who is behind this site, but I’ve
Steve Atkins from Word to the Wise just released a very cool new tool called Aboutmy.Email. Bookmark it now! What do you do with it? Go to the Aboutmy.Email website, copy the unique email address it hands you, and launch your newsletter or campaign to that address. What happens next? Aboutmy.Email gives you a detailed report, checking your domains, headers, content and more to look for problems. It even has a “Good Practice” review section, which is code for “Does your email seem to comply with the new Yahoo and Gmail sender requirements?” Want to see an example report? Here’s one for a Spam Resource newsletter. What are all the checks it does? Steve says that it reviews: SPF, DKIM, DMARC BIMI, including details about the certificate and image What IP address it was sent from, and whether it has valid DNS The size of the mail as sent (no
Happy 2024, everyone! We’ve released a shiny new tool to let folks self-check a lot of common questions we see about email requirements. Go to AboutMy.email and send an email to the email address it gives you. Once it receives that email it will go through it and do many of the basic checks we’d usually do to check the technical health of a client’s email1 and displays a detailed report of what it finds. Details it reports on include SPF DKIM DMARC BIMI, including details about the certificate and image What IP address it was sent from, and whether it has valid DNS The size of the mail as sent (no more arguments about Gmail clipping size) The SMTP session as it was delivered The raw payload of the mail as delivered Checks for line length, non-ascii characters, non-CRLF line endings Headers, both pretty (including RFC 2047 decoded) and
Today, I’m proud to announce the re-launch of Wombatmail! Here I’ve consolidated all of my different tools together (and create some new ones), and do some other fun new stuff, and that will all be centralized under Wombatmail. Over at www.wombatmail.com you will find: Wombatmail Tools: I’ve moved over most of my DNS tools from XNND, and they’ll now live here on Wombatmail. It’s a great place to quickly look up a domain’s MX record, DMARC record, BIMI record, and more. If you poke around, you might find a funky or unique tool here in there, like the DKIM selectors/key search or multi-public DNS server checks to monitor a delegation/caching issue. Nothing too fancy, just simple tools to help you do simple checks when needed, all me and all free. I’ll link you to useful tools from other, too, as needed. Wombatmail Data: One of my “fun with data” projects where I’ve taken the top 10 million domains, appended MX records
Our Single Sign-On (SSO) support leverages Security Assertion Markup Language (SAML) version 2 for Enterprise users. This expedites access to your dmarcian account by letting you sign in with your existing corporate credentials, which means one less password to keep track of. With our SSO, you can easily manage SSO access and user permissions to all of your accounts in dmarcian centrally while adhering to your organization’s security and access policies. Before getting into the details for SSO configuration, let’s first talk about some basic concepts and terminology: Authentication Authentication defines how the user is identified in a system—usually through a login process. Traditionally, a user registers for an account providing authentication credentials (username and password) and uses them to log in moving forward. In the past, this has been sufficient, but it does have limitations. For example, what happens if you have a several employees at your company that you want to grant access
Based on domain events that act as triggers for sending alerts, the highly customizable Alert Central feature on dmarcian’s DMARC Management Platform allows you to monitor your domains without having to login to your dmarcian account. Events could include new or changed DNS records (e.g. we see a new DMARC record) and fluctuation in volume across categories of traffic for your domains. You can choose from common communication channels for alerts—email, Slack, Teams or webhook. The alert will provide you with the details of the event and a link to your dmarcian Timeline for you to get even more information. How does Alert Central Work? Alert Central is based around the dmarcian Timeline. Like the Timeline, you choose which changes to track, and the alerts ensure that you’re aware of the changes in real time. When we notice a DNS change, a change event gets triggered. If a DNS record
Did you know? For the past fifteen years, I’ve run a simple little website at xnnd.com that provides a set of DNS lookup tools. My goal was to have a simple set of tools to help you troubleshoot DNS issues. You can do things like look up DMARC settings for a domain, try to find the DKIM selector(s) in use for a domain, check a domain’s BIMI record, query the same IP or domain against a bunch of different public DNS servers all at once (helpful to catch intermittent or propagation-related issues), and a few other things. This past weekend I moved XNND from Amazon’s AWS to Google Cloud (partly to save some money, and partly to see if I could do it), and so far it seems to have moved over just fine — but if you see anything amiss, please feel free to let me know!
If you’ve ever typed “echo hi | mail user@example.com” from a *nix prompt. then you’re familiar with the unix “mail” command, typically part of GNU Mailutils, which, if not already installed on your linux box, you added via “yum install mailutils” or “apt-get install mailutils.”I just did this myself, after repurposing my 12 year old VPS (my oldest active server!) into a dedicated MTA. It’s not going to host any websites, it’s not going to hold any email list data, it’s not going to have a bunch of other random stuff beyond just being a nice and fast and clean Postfix install that is on a server with a dedicated IP address that has 12 years of solid deliverability history. Truly, there’s value in a good email reputation history.Anyway, so I’m setting up occasional alerts. Some more complex than others, but sometimes just something simple that sends output like “echo
I did a class at M3AAWG teaching the basic mechanics of sending an email, both really by hand using dig and netcat, and using SWAKS. No slides, but if you’re interested in the script I’ve posted a very rough copy of my working notes here.
Julia Evans aka b0rk is somebody smart that I follow on Twitter. She created this super cool tool that I’ve linked to on social media before, called Mess with DNS, providing you with a safe space to learn about DNS by doing — letting you set up DNS records under a test domain she’s got set up — so you can truly “mess with DNS” without breaking anything for your own (or your employer’s) domain.And now she’s back with something new and super cool — a 28-page guide (zine) called “How DNS Works!” Guess what it explains? Yep, how DNS works. Lots and lots of detail here, very useful for somebody who wants to better understand how the domain name service actually works. And when you’ve got the guide in hand (available for a modest fee from her zines website), then head on over to “Mess with DNS” and practice…