Defence blues

MTA-STS configuration

Red wilds
Privacy greenhouse
Purple crossroads
Indigo observatory
Contact

Initializing search

Defence blues

Mostly harmless, occasionally heroic
Mostly harmless, occasionally heroic
- Golem Trust Computing Ltd.
- Department of Silent Stability
Going places
Going places
- Blue team @SOC
- Blue team for dev
- Blue team @Home
- Bulletproofing servers
  Bulletproofing servers
  - The wake-up call
  - Hardening Linux server
  - Hardening webserver
  - Smarter mail servers
    
    Smarter mail servers
    
    Types of mail servers
    
    Securing Postfix: MTA & SASL authentication essentials
    
    DNSSEC: Better than nothing, but not a silver bullet
    
    Securing email transport: TLS, DANE & MTA-STS
    
    Securing email transport: TLS, DANE & MTA-STS
    
    The Problem with STARTTLS: A Flawed Upgrade
    
    TLS configuration
    
    DANE configuration
    
    MTA-STS configuration
    
    SPF: The first line of defence against email fraud
    
    Domain Keys Identified Mail (DKIM)
    
    Domain-based Message Authentication, Reporting and Conformance (DMARC)
- Honeytech for humans
- Stormforge

MTA-STS configuration¶

Introducing MTA Strict Transport Security (MTA-STS)

2025-12-27 18:14

© Copyright 2025, TyMyrddin.

Created using Sphinx 7.2.6. and Sphinx-Immaterial

Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7