Author: admin

How to Secure Your Email and Keep it Out of Junk! Part 2

Posted on by admin


Currently, the three protocols you need to put into place to secure and authorize your email are SPF, DMARC and DKIM. This post will talk about creating a DKIM record. DKIM stands for Domain Keys Identified Email and is a somewhat more involved and challenging element to implement than SPF. DKIM also requires outgoing email servers to be authorized over and above just adding a DNS record.

DKIM requires a DNS record that includes a public cryptography key to help verify that a sender is allowed to send email for a given domain as well as the private key that is used for signing outgoing email. Adding a DKIM entry for a domain is basically the same as the SPF record; add a new TXT record but for the host name option, you will need to use the proper “selector” which is basically a prefix for your domain and then the public cryptography key. There are lots of ways to generate a proper key – on a Linux system, ssh-keygen tool can be used and on a Microsoft system, PuTTYgen can be used. For a Microsoft 365 hosted domain, double check the Admin portal as it will give you instructions on setting up the selectors properly. You can also search online for tools that will generate the proper public/private key pair. A sample DKIM entry may look something like the following:

TXT Record v=DKIM1; t=s; p=ASDJAQWERTSDNGFDSJKassdalkre

But that only covers the DNS entry portion of the DKIM record setup. The other half is getting a DKIM signer setup on a mail server. This is where we recommend to use Microsoft 365 to host your email as you can use their detailed guide on how to get this implemented.

Once you have all of the records in place, head on over to and just follow the instructions to test your records.

How to Secure Your Email and Keep it Out of Junk! Part 3

Posted on by admin


Currently, the three protocols you need to put into place to secure and authorize your email are SPF, DMARC and DKIM. This post will talk about creating a DMARC record. Without a DMARC record, and attacker can easily impersonate your domain and make any email look like it came from your account.

DMARC stands for Domain based Message Authentication, Reporting and Conformance – it is a protocol built on top of existing SPF and DKIM protocols. DMARC does a couple of things:

  1. It reads the results from SPF and DKIM
  2. It requires SPF AND DKIM to pass AND the domain used by both of those protocols has to be the same as the domain found in the ‘From’ address in order for DMARC to pass
  3. Reports SPF, DKIM and DMARC results back to the domain found in the ‘From’ address
  4. Tells receivers how to treat emails that fail the DMARC validation by specifying the policy in the DNS record

You will need to check with your hosting provided on the proper settings for a DMARC records. For example, with GoDaddy, you add a TXT record but make sure the host portion is “_dmarc”. Adding the actual DMARC record is probably best explained by showing an example record:

v=DAMRC1; p=quarantine;;; adkim=r; aspf=r; rf=afrf

  1. The “p” option has three choices: none, quarantine, or reject. This sets how the email should be handled if it violates the policy. You may want to start off with quarantine to test your record first and then move to reject when you are comfortable your settings are correct
  2. The “adkim” and “aspf” options define how strictly DKIM and SPF policy should be applied – “s” indicates strict and “r” indicates relaxed.
  3. The “rua” option provides an address for aggregate data reports and the “ruf” provides and address for forensic reports.

Once you have all of the records in place, head on over to and just follow the instructions to test your records.

An Example of What Ransomware Can Do

Posted on by admin

Here is a real world example of the danger and consequences of ransomware. Colonial Pipeline, who provides 45% of the East Coast’s fuel, had to shut down after it was hit with ransomware. Analysts have warned that a prolonged shutdown could lead to higher gas prices. Ransomware costs are expected to reach $20 billion this year alone!

Here is the link to the full story:

Beware of the Increase in Deepfakes!

Posted on by admin

The evolution of technology used for cybercrime is scary! Deepfakes are the latest trend and can be used to craft a realistic scam when used maliciously. Here is a short video to help you learn about deepfakes, the threats they pose and how to spot one.

A couple of Quick Tips from the video:

  • Slow down and don’t feel rushed into action
  • Watch for clues of a deepfake, such as unnatural movement or blinking

Here is the link to the video:

How to Secure Your Email and Keep it Out of Junk!

Posted on by admin

PART 1 – SPF Record

Currently, the three protocols you need to put into place to secure and authorize your email are SPF, DMARC and DKIM.  This first post will talk about the easiest to implement, Sender Policy Framework (SPF).

To quote Wikipedia:

(See Sender Policy Framework: “Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF alone, though, is limited to detecting a forged sender claim in the envelope of the email, which is used when the mail gets bounced. Only in combination with DMARC can it be used to detect the forging of the visible sender in emails (email spoofing), a technique often used in phishing and email spam.

SPF allows the receiving mail server to check during mail delivery that a mail claiming to come from a specific domain is submitted by an IP address authorized by that domain’s administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain.”

So why is this important to implement?  When Simple Mail Transfer Protocol (SMTP – the internet standard communication protocol for electronic mail transmission) was designed, it did not have any built-in security features, encryption or authentication.  What this means is that SMTP allows any computer or server to send email that claims to be from anyone you want it to be from – therefore someone can send an email to your customers claiming it came from your email address.  This is one of the largest exploits used by spammers and phishing techniques to get people to open an email that they should not.

How to implement?  It is as simple as adding a record in your DNS.  I will not go into how to specifically add a DNS record as there are too numerous of ways to do so depending on the provider hosting your DNS, but in all cases, it is the same information.  You will need to add a new TXT record listing the servers or computers that are authorized to send email for your domain.  The computers can be defined by IP address or by FQDN.  The SPF record itself needs to incorporate the following:

  1. Start with the SPF version.  In almost all cases, that will be v=spf1
  2. Follow up with all the IP addresses or FQDN that are authorized to send email for your domain.  For example: v=spf1 ip4:X.X.X.X ip6:X.X.X.X.X.X.X.X
  3. Next, include any third-party organization that is used to send email on your behalf.  For instance, if your web site sends email out using a third-party system on your behalf.  If you have ever wondered why email going out from your web site or your blog lands in your customers Junk folder, this would be one reason that happens.  For example: v=spf1 ip4:X.X.X.X
  4. When you have included all IP addresses and includes, you need to end the record with an ‘all’. The ‘all’ tag is an important part as it indicates what policy should be applied when the receiving end detects a server not listed in your SPF record. Here is the different ‘all’ tags:

-all:  Fail – servers that are not listed in the SPF record are not authorized to send email so reject

~all: Softfail – if the email is received from a server that is not listed, the email will be marked as soft fail ending up in the receiving ends ‘Junk’ folder.

+all: SHOULD NOT BE IMPLEMENTED as this tag allows any server to send email from your domain.

Here is a real-world example.  Anyone using Microsoft 365 would have this as a basic SPF record in their DNS:

v=spf1 -all

If you are signed up for our email security system, you would see:

V=spf1 -all

As you can see, if a domain publishes a SPF record, spammers and phishers are less likely to be able to forge emails pretending to come from you and are less likely to try.  Worst case scenario, those emails should show up in the receivers Junk folder which should be a warning in of itself.

What is 2FA? MFA? Are they the Same? Different?

Posted on by admin

You will see me talking about 2FA and MFA on quite a few posts and using the terms almost interchangeably – so what do they mean?

2FA stands for two-factor authentication and MFA stands for multi-factor authentication. 2FA really is just a subset of MFA.

MFA is a security protocol where a user is required to verify their identity by providing multiple pieces of identification before gaining access to either a device or application. Typically this is using at least two of the following factors:

  1. Knowledge – something only you know i.e. password, challenge questions
  2. Possession – something you have i.e. Yubikey, one-time password
  3. Inherence – something you are i.e. fingerprint, retina scan

So you can see how 2FA is just a subset of MFA as you only need to have two factors to successfully authenticate. For instance, using an ATM machine requires you to use your card (something you have) as well as your PIN (something you know).

Now if you add something like a USB device (we love YubiKeys!!!) that you have to plug into your system, you now have three factors needed for authentication and hence one example of MFA. A better example of MFA is to use a program or App that requires the use of an external device, like your phone, that requires your fingerprint (hence inherence) to unlock. This then allows you to accept the authentication on an app on your phone or to get a one time password generated by your phone app. If this seems a little confusing or if you are just intrigued, we will be posting more about our offerings of Duo Security and Passly that you can use to implement MFA in a secure way.

WiFi KRACKs Attack

Posted on by admin

Now that the information of the vulnerability in the WPA2 protocol has been released publicly, here is a link to what has happened:

The WPA2 protocol is used in every wireless device on the market today.  If you don’t want to read the whole article, basically what you need to do is to research if your Wireless Router, Access Point, IoT device etc. has had a firmware release to deal with this as well as making sure that all of your operating systems (Windows, Linux and yes, macOS) are updated.

For my customers, I have already applied the firmware updates necessary to negate this vulnerability.

Printer Stuck During Installation

Posted on by admin

If your printer gets stuck during the installation phase (i.e. doesn’t get past “initializing printer”), and you can’t ‘remove’ it to try again, here is one solution to get rid of it.

I have run into this issue more often lately and it has always been frustrating to clean up after a failed printer install.  The first step is to get into Device Manager – in Windows 8 and 10, right click the Windows Icon to get to the Quick Access Menu and then choose ‘Device Manager’.   Once in Device Manager, on the Main Menu, select ‘View’ and then ‘Show hidden devices’.

You can now scroll down to the ‘Print queues’ section and then delete the printer that is stuck initializing.

For good measure, go ahead and reboot your computer and then try again.  If you are installing a wireless printer, make sure your anti-virus program allows this process – there are unfortunately too many different anti-virus programs to give you a walk through on how to do this, but hey, ‘Google’ is your friend!

Link to Check Your Home Router

Posted on by admin

Here is a link to an online utility that can check your router to see if it has been hacked.  In the last couple of months, the number of routers that have fallen victim to certain vulnerabilities has risen drastically.  I will add that this appears to be more of an issue with European countries, but for the sake of a minute to run the check, it is worth it as these compromised routers can give an attacker full access to your home network and all of the devices on it.

Here is the link: Wordfence Router Check

The page explains what is going on and the button for the utility is about half way down – once again, just for the peace of mind, I would urge you to run this.  The site also gives some suggestions if it comes back with a vulnerability detection.