Mailhardener blog
Why Mailhardener recommends SPF softfail over fail
Mailhardener recently started displaying a warning if a domain uses an SPF 'hard' fail catch-all term (`-all`).
Following this decision, we got many questions from our community. In this article we'll explain why Mailhardener displays this warning, and why it is often safer to use the SPF softfail.
Introducing IAM and multi-tenant support
We are excited to introduce IAM and multi-tenant support to the Mailhardener suite.
With multi-tenant support it is now possible for Managed Service Providers (MSPs) and Enterprise customers to facilitate fine-grained access control to domains managed in a Mailhardener account.
Using IAM, team members can be restricted to a subset of functionality and resources (domains).
Microsoft releases DANE support
Microsoft has officially released DANE/TLSA support for their Office 365 Exchange Online services.
With DANE/TLSA Office 365 Exchange Online customers are now better protected against email downgrade attacks.
Introducing Mailhardener BIMI asset hosting
We are proud to introduce Mailhardener BIMI asset hosting as part of the Mailhardener suite.
Mailhardener BIMI asset hosting makes adoption of BIMI a true set-and-forget experience.
Office 365 leaks BCC domains
Microsoft hosted Exchange, part of the Office 365 suite, suffers from a data leak that can unintentionally disclose the domain name of a BCC address to all recipients. Mailhardener was able to reproduce this behavior, in this article we perform a full analysis of the issue.
The SPF lookup limit explained
An SPF policy may not require more than 10 additional DNS lookups to fully evaluate, exceeding the limit may cause deliverability issues. In this article we explain why, and how to prevent this issue.
The current state of BIMI
In this blog post we'll have a look on what the current state of BIMI is, and answer some common questions.
Microsoft has begun sending SMTP TLS reports
Good news on the adoption of SMTP TLS reporting: since the 25th of August 2020, we are seeing SMTP TLS reports being sent by Microsoft!.
Mailhardener is now self-learning
The December release of Mailhardener introduces a new domain overview page, which is made possible thanks to the introduction of our new self-learning algorithm.
The all new self-learning feature gives you much better insights into the status of your domain security, with features such as forwarding detection and asset discovery.
SPF merge guide
A domain can have only one SPF record. If you need to authorize a new email service to use your domain, you must add the service to your existing SPF record.
In this article we'll show you how to add new SPF terms to your domain by combining records.
The SPF redirect explained
The SPF redirect modifier is a lesser known feature of SPF that may cause some confusion about its intended use.
In this article we'll dive into SPF redirect, when (not) to use it and how to avoid common pitfalls with it.
Do not flatten your SPF record
Flattening SPF records supposedly optimizes SPF, but often causes more problems than it intends to improve.
In this article we discuss why you should not flatten SPF and what methods you should use instead to improve email deliverability.
Introducing hosted MTA-STS
Mailhardener now has full support for MTA-STS and SMTP TLS reporting.
We are also proud to introduce hosted MTA-STS as part of the Mailhardener suite.
How to enter TXT values in Google Cloud DNS
Google's popular Cloud DNS service is mostly excellent, but the interface is rather confusing when it comes to adding `TXT` type records.
In this blog post, we'll explore how to work with TXT records in Google Cloud DNS, and how to fix the 'invalid record data' error.
5 common mistakes with SPF
At Mailhardener, we analyse many domains for email security on a daily basis. This puts us in a unique position to list the most common made mistakes.
In this blog post, we'll discuss the 5 most common made mistakes in SPF.