Learn

Email & DNS Learning Hub

Long-form guides to SPF, DKIM, DMARC, deliverability, and domain security — problem-first, with examples and links into tools.

BIMI Setup Guide — Show Your Logo in the Inbox

Enforced DMARC, Tiny PS SVG, VMC, and the default._bimi TXT — prerequisites before Gmail shows the avatar.

~7 min read
PCI DSS v4.0 DMARC Requirements — Compliance Checklist

Requirement 5.4.1, p=reject vs p=none, audit gaps, and how to evidence it with Preflight + reports.

~8 min read
MTA-STS Setup Guide — Force TLS for Incoming Email

Force TLS on incoming email — prevent silent downgrade attacks.

~5 min read
Path to DMARC p=reject — Step by Step Roadmap

Step by step from p=none to p=reject in 4-8 weeks.

~7 min read
How to Set Up DMARC: The Complete Guide

Policy, aggregate reports, alignment fixes, and a safe path to p=reject.

~9 min read
How to Set Up an SPF Record: The Complete Guide

Build one TXT, stay under the lookup limit, fix PermError, test with Preflight.

~8 min read
How to Set Up DKIM: The Complete Guide

2048-bit keys, selectors, DNS publication, rotation, and DMARC alignment.

~7 min read
Email Deliverability: The Complete Guide

Authentication, reputation, content, engagement — diagnose inbox placement.

~7 min read
DNS Records Every Email Sender Needs

MX, SPF, DKIM, DMARC, PTR — what each does and how they fit together.

~7 min read
Domain Security: Expiry, Locks, and WHOIS

Auto-renew, transfer lock, privacy, auth codes — keep the root of trust.

~6 min read
Subdomain Security: Dangling Records

Takeover mechanics, cloud targets, and how to find CNAMEs you forgot.

~6 min read
DMARC Reporting: Aggregate Reports

rua mailboxes, XML triage, and acting on what you find before tightening policy.

~6 min read
Self-Hosted Email: SPF, DKIM, DMARC, PTR

Port 25, reverse DNS, warm-up, and monitoring for your own MTA.

~6 min read
Email Brand Protection: DMARC & Typosquats

Stop spoofing, find lookalikes, audit dangling DNS — one checklist.

~6 min read