The Status Line

SPF Demystified: The Complete Guide to SPF Records

Thu, 12 Dec 2024 00:00:00 +0700

Whether you host your own mail server or you outsource your email needs, if your domain sends even a small amount of email, you need a robust, accurate SPF record. Your SPF record helps protect your domain's reputation by making it more difficult for spammers, phishers, and other evildoers to spoof email from your domain. When you publish an SPF record, you let other mail servers know exactly which hosts are allowed to send mail for your domain, and which are not. Large email services may even refuse mail from domains with a missing or invalid SPF record, tightening their stranglehold on email. And, unfortunately, even a small error in your SPF record can make it invalid, resulting in bounced or lost outgoing mail for your domain. It's important that you get your SPF record right.

This guide provides a detailed explanation and several examples to help you understand SPF: what it does, how it works, and how to build a suitable SPF record. If you just need a quick solution, though, our SPF Record Wizard can walk you through the process, check for common mistakes, and suggest an SPF record for your domain, suitable for copy-pasting into a DNS TXT record.

SPF Record Wizard

Sat, 23 Nov 2024 00:00:00 +0700

The Worst Passwords of 2024?

Fri, 15 Nov 2024 00:00:00 +0700

NordPass has published their 2024 list of the 200 most commonly-used passwords and, apparently, many people still haven't gotten the memo about password security. Is one of your passwords on this year's list? Well, probably not. NordPass' data comes from a large database of passwords, presumably passwords that have been made public after online service data breaches. A closer look at the data gives some interesting insights into both the psychology behind passwords and websites' adherence to security "best practices." But it also raises some questions about the methodology NordPass used to generate the list. The closer I looked at NordPass' annual list, the more questions I had.

This year, NordPass' crown of dishonor goes to "123456" as the world's most common password in 2024. But is it really? In this article, I'll take a look at NordPass' data, which may not be quite what's on the label, and, just for fun, I'll compare it to some recent password data of my own, collected originally for my recent A Month of Bans article.

A Month of Bans: A Cybersecurity Review

Thu, 07 Nov 2024 00:00:00 +0700

If you've ever maintained a public internet server, either as a hobby or as a job, you're no stranger to random probes and port-scans from evildoers looking for trouble. You've seen brute force attempts to log in to servers or email accounts, probes for vulnerable web services, SYN floods, spammers checking for open relays, and many other attacks. If your server is on the internet, it's a target. Many hobbyist and small business systems administrators use Fail2Ban to respond to these threats. Fail2Ban is an always-vigilant process that monitors system logs and responds to perceived attacks by temporarily blocking the attacker's IP address at the firewall level.

Fail2Ban has served me well, but I wanted to gain some additional insight into the origins and behaviors of the villains behind the attacks. During the month of October, I used a custom Fail2Ban script to collect geolocation and other data about each IP address that Fail2Ban identified as malicious on three hosts, including 2 web servers and a mail server. Here are the results.

A 3-2-1(-1-0) Backup Plan for Your Synology NAS

Sun, 03 Nov 2024 00:00:00 +0700

It’s late at night and Raul is frantic. He’s desperately searching for an important electronic document he needs for work. He knows it’s on his NAS somewhere, but he can’t remember where he saved it. His frown deepens as he opens folder after folder, not finding what he needs. Then his blood runs cold as he remembers deleting a swath of “unneeded” files last week as part of his annual Spring cleaning. And he has no recent backup. He’d been meaning to back up his NAS, but he kept telling himself he’d do it later.

Raul wakes in a cold sweat. It was all a bad dream. Whew! To reassure himself, and vowing to back up his data right now, Raul gets up and boots his computer. But he realizes all is not well as the computer finishes booting: