The State of DNS Security — Where the Top…

A position snapshot of the full Majestic Million across three layers — DNSSEC signing, email authentication (SPF / DMARC / MTA-STS), and DANE. This is the scorecard: what is deployed, on how many domains, and how it’s distributed by rank and TLD. Remember Majestic Million is a bit old so a chunk of the domains no longer resolve, but the data gives a good thematic view.

Read more “The State of DNS Security — Where the Top Million Stands: DNSSEC, Email Authentication & DANE by the Numbers”

Email and Domain Security

Ok, this is a topic I’ve looked at for years, my views have been built up based on a range of things from the theory, the reality of what I find/see and the incidents I respond to and hear about.

I’ve used Claude largely for this because it’s meant as a quick snapshot in time and a high level thematic view. SPF, DMARC, MTA-STS and DNSSEC (and DNS/Domain management in general) are complex topics and there’s lots of nuance in things.

That said, who wants to see what ‘scanning’ 1 million domains looks like? Let’s take a look at what Claude has come up with:

Read more “Email and Domain Security”
Copyright (c) Xservus Limited