30.4% adoption vs. 12.8% enforcement: the DMARC gap

of 5.5M domains I scanned, 30.4% have a DMARC record

only 12.8% are at p=quarantine or p=reject

that means 57.9% of domains "doing DMARC" aren't actually enforcing it

they're collecting reports they probably aren't reading, some aren't even monitoring it at all!

a DMARC record at p=none is a monitoring declaration, not a security control

https://dmarcguard.io/research/email-authentication/

#DMARC #EmailSecurity #CyberResearch

RFC 6376 doesn't mandate rotation frequency, but best practice is every 6-12 months

unlike passwords, DKIM keys don't get brute-forced

they get extracted from breached servers or leaked configs

rotation limits the blast radius

the process:

1. publish new selector
2. update ESP signing config
3. verify via DMARC reports
4. remove old selector after TTL expiry

DMARCguard flags selectors that haven't rotated in 12+ months

https://dmarcguard.io/learn/dkim/

#DMARC #EmailSecurity #DKIM

NIS2 + DANE: the compliance angle nobody's discussing

NIS2 requires "appropriate and proportionate" measures for network and information system security, including encryption in transit

DANE (RFC 7672) provides cryptographic verification that your mail server's TLS certificate is authentic

for organizations in-scope for NIS2, DANE isn't optional hardening

It's a defensible technical measure for transport security

https://dmarcguard.io/learn/dane/

#DMARC #EmailSecurity #NIS2 #DANE

thank you to everyone who's tested the tools

thousands of domain checks through our free tools in the past few weeks

every check that surfaces a misconfigured SPF record or a missing DMARC policy is a small win

some of you have emailed me directly with questions

if you've been using the tools and found value, I'd genuinely appreciate you sharing them with a colleague who manages domains

https://dmarcguard.io/tools/

#DMARC #EmailSecurity #BootstrappedStartup #Community

Top malicious IPs observed on 2026-06-18

46.151.182.137 (The Netherlands) https://sh4meful.com/ip/46.151.182.137
140.110.108.218 (Taiwan) https://sh4meful.com/ip/140.110.108.218
2001:41d0:305:2100::4e7c (France) https://sh4meful.com/ip/2001:41d0:305:2100::4e7c
163.223.211.168 (Vietnam) https://sh4meful.com/ip/163.223.211.168
91.92.241.38 (The Netherlands) https://sh4meful.com/ip/91.92.241.38
220.134.175.115 (Taiwan) https://sh4meful.com/ip/220.134.175.115
3.93.139.220 (United States) https://sh4meful.com/ip/3.93.139.220
102.223.221.74 (Congo Republic) https://sh4meful.com/ip/102.223.221.74
178.16.53.39 (The Netherlands) https://sh4meful.com/ip/178.16.53.39
5.83.143.58 (Germany) https://sh4meful.com/ip/5.83.143.58

#infosec #spam #spoof #emailsecurity

Top malicious IPs observed on 2026-06-17

203.189.159.206 (Cambodia) https://sh4meful.com/ip/203.189.159.206
185.168.175.226 (Italy) https://sh4meful.com/ip/185.168.175.226
177.220.226.126 (Brazil) https://sh4meful.com/ip/177.220.226.126
168.194.102.105 (Peru) https://sh4meful.com/ip/168.194.102.105
153.125.138.166 (Japan) https://sh4meful.com/ip/153.125.138.166
140.110.108.218 (Taiwan) https://sh4meful.com/ip/140.110.108.218
103.220.206.138 (Bangladesh) https://sh4meful.com/ip/103.220.206.138
177.66.202.210 (Brazil) https://sh4meful.com/ip/177.66.202.210
170.245.31.128 (Brazil) https://sh4meful.com/ip/170.245.31.128
122.129.83.143 (Pakistan) https://sh4meful.com/ip/122.129.83.143

#infosec #spam #spoof #emailsecurity

Top malicious IPs observed on 2026-06-16

34.78.248.165 (Belgium) https://sh4meful.com/ip/34.78.248.165
34.52.202.124 (Belgium) https://sh4meful.com/ip/34.52.202.124
103.245.205.158 (Bangladesh) https://sh4meful.com/ip/103.245.205.158
46.151.182.137 (The Netherlands) https://sh4meful.com/ip/46.151.182.137
95.78.169.171 (Russia) https://sh4meful.com/ip/95.78.169.171
91.92.241.38 (The Netherlands) https://sh4meful.com/ip/91.92.241.38
103.119.144.150 (Indonesia) https://sh4meful.com/ip/103.119.144.150
41.211.125.101 (Cameroon) https://sh4meful.com/ip/41.211.125.101
190.15.111.218 (Brazil) https://sh4meful.com/ip/190.15.111.218
103.194.88.106 (India) https://sh4meful.com/ip/103.194.88.106

#infosec #spam #spoof #emailsecurity

Top malicious IPs observed on 2026-06-15

85.113.33.198 (Russia) https://sh4meful.com/ip/85.113.33.198
181.232.167.66 (Brazil) https://sh4meful.com/ip/181.232.167.66
177.152.106.50 (Brazil) https://sh4meful.com/ip/177.152.106.50
188.124.239.139 (Kazakhstan) https://sh4meful.com/ip/188.124.239.139
85.193.126.211 (Kazakhstan) https://sh4meful.com/ip/85.193.126.211
154.127.95.169 (Niger) https://sh4meful.com/ip/154.127.95.169
116.204.242.84 (Afghanistan) https://sh4meful.com/ip/116.204.242.84
95.59.32.227 (Kazakhstan) https://sh4meful.com/ip/95.59.32.227
1.62.150.22 (China) https://sh4meful.com/ip/1.62.150.22

#infosec #spam #spoof #emailsecurity

domains with SPF+DKIM+DMARC at enforcement see 2.7x better inbox delivery compared to unauthenticated domains

this number is aggregated across deliverability studies and consistent with what I see in report data

mailbox providers use authentication signals in their spam scoring

full auth doesn't guarantee the inbox, but missing auth almost guarantees the spam folder

https://dmarcguard.io/tools/domain-health-check/

#DMARC #EmailSecurity #EmailDeliverability #InboxPlacement

Apple plans change to Hide My Email that could make it less effective

https://techcrunch.com/2026/06/16/apple-plans-to-change-its-hide-my-email-privacy-feature-that-could-make-it-less-effective/

#HackerNews #Apple #Hide #My #Email #Privacy #TechNews #EmailSecurity