Guidance

Email security standards

This guidance explains how you can apply common security standards in your organisation to secure email.

From:
Government Digital Service and Central Digital and Data Office
Published
19 February 2016
Last updated
15 March 2021 — See all updates

Documents

Using Domain-based Message Authentication, Reporting and Conformance (DMARC) in your organisation

HTML

Using DomainKeys Identified Mail (DKIM) in your organisation

HTML

Using Sender Policy Framework (SPF) in your organisation

HTML

Using Transport Layer Security (TLS) in your organisation

HTML

Using the Mail Transfer Agent Strict Transport Security (MTA-STS) protocol in your organisation

HTML

Using TLS Reporting (TLS-RPT) in your organisation

HTML

Details

Read this guidance to understand how Domain-based Message Authentication, Reporting & Conformance (DMARC), DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF) and Transport Layer Security (TLS) are used in email security.

Updates to this page

Published 19 February 2016
Last updated 15 March 2021 show all updates

  1. Adding pages on the MTA-STS and TLS-RPT protocols

  2. First published.

Sign up for emails or print this page

Related content