Securing email services – DMARC and TLS

Email security enhancements are an easy modification to make to corporate mail services, and standards such as DMARC and TLS are relatively straightforward ones to roll out.

DMARC initiatives over in the US are showing how effective a coordinated programme can be if executed correctly.

InfoSecurity Magazine has a good article on the subject, with some excellent statistics:

https://www.infosecurity-magazine.com/news/dmarc-adoption-surges-ahead-mandate/

Configuring Apache to use TLS 1.2

In this brief blog post, I wanted to run through the steps needed to configure Apache to use SSL and TLS. I will also discuss the importance of configuring the apache cryptosystem correctly, by disabling less preferable protocol versions due to a variety of security concerns (SSL 2.0, SSL 3.0, and TLS 1.0).

Continue reading “Configuring Apache to use TLS 1.2”