Connect with us

Hi, what are you looking for?

News

We’ve revised our SMIME email security standard

Published

SMIME

SMIME Email Security Revised: Following challenges around support inconsistencies and a mobile shortfall with SMIME, the SigniFlow development team has taken the decision to change the default email policy for cloud and hybrid servers.

As of 1 October 2021, SigniFlow’s default email security will subscribe to the DMARC authentication standard, in lieu of SMIME.

The change in mail standard is based on SigniFlow’s core design priority, i.e. security. Since inception, security has been the driving factor behind all SigniFlow system changes and development decisions.

In recent months in particular, SMIME has become a cumbersome process for many of our clients’ document recipients. Specifically, because SMIME is not widely introduced on mobile devices, messages on these devices end up being displayed as attachments, as opposed to the intended format.

The screenshot below illustrates this issue:

Similarly, with many organisations having introduced email scanning services like Mimecast, the scanning and flagging of emails effectively breaks the signature and shows the email as being tampered with.

The screenshot below illustrates this issue:

Introducing DMARC

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a technical standard that helps protect email senders and recipients from advanced threats that can be the source of an email data breach. DMARC email security provides a way for domain owners to outline their authentication practices and specify the actions to be taken when an email fails authentication. DMARC also provides a way for recipients to report on email that fails authentication.

DMARC benefits businesses by providing another layer of protection that guards against attacks like impersonation fraud, where an attacker uses a legitimate domain to send a fraudulent message.

How will it work going forward?

As of October 2021, mails will no longer be signed with SMIME certificates by default. Instead, SigniFlow will be adopting SPF, DKIM and DMARC records to ensure email origination can be validated by receiving mail servers.

SMIME signing of emails will still be available as a feature, and can be enabled on request for hybrid server clients.

For more information, read Agari’s email security blog HERE, or this LinkedIn article by cybersecurity professional, Marnix Dekker, HERE.

REFERENCES

  1. Mimecast: What is DMARC
  2. LinkedIn: https://www.linkedin.com/pulse/stop-asking-encrypted-email-marnix-dekker/
  3. Agari.com: https://www.agari.com/email-security-blog/dmarc-101-part-smime-spf-dkim/

Print Friendly, PDF & Email
In this article:

You May Also Like

DocPrepper Auto Tagging allows you to dynamically template document fields. DocPrepper Auto Tagging allows you to dynamically template document fields.

Electronic Signatures

DocPrepper system sees the introduction of tags

We've updated our document preparation platform to make your day less repetitive, and more rewarding.

November 29, 2022
Unlimited electronic signature licensing for the Enterprise Unlimited electronic signature licensing for the Enterprise

Electronic Signatures

Unlimited Electronic Signature License for the Enterprise

Submitted by David Saunders, SigniFlow Regional Director - ANZ I APAC

November 15, 2022
Carbon Neutral companies Carbon Neutral companies

Electronic Signatures

Carbon neutral: What does it mean, and why should businesses care?

Submitted by Luke Iyer, SigniFlow Solutions Engineer

November 15, 2022
Business People Business People

Electronic Signatures

Tipping the licensing scales: Introducing flexible eSignature license models

Today’s new problems need new solutions: The per-document, per-transaction, or per-envelope licensing model is no longer viable.

February 14, 2023
Ricoh Australia Ricoh Australia

Asia Pacific

SigniFlow joins NSW panel, appoints Ricoh Australia to assist

Published by iTWire on 6 December 2022

December 13, 2022
Things your smartphone replaces Things your smartphone replaces

Electronic Signatures

High-Tech Hustle: 20 Jobs Your Smartphone Does Better

Submitted by Melissa Pretorius, SigniFlow Media Engineer

October 13, 2022

Asia Pacific

Ricoh Australia named SigniFlow’s service delivery partner for NSW Govt panel

Published by CRN on 5 December 2022

December 7, 2022
Want to get healthy? Get organised Want to get healthy? Get organised

Electronic Signatures

The key to a healthy mind & body lies in being organised (and science can back that up)

Looking to be a better version of yourself in 2023? If you only get one thing right this year, let it be getting organised.

January 25, 2023
Why our users love SigniFlow Why our users love SigniFlow

Electronic Signatures

Why our users love SigniFlow

As we bid farewell to the month of love, we decided to share real feedback from our valued users. We can tell you how...

March 8, 2023
Uncovering digitisation's hidden costs Uncovering digitisation's hidden costs

Electronic Signatures

Digitisation: How to Avoid The Pitfalls Of Hidden Costs

In this Q&A article, we explore how traditional eSign license models often erode digital transformation budgets, and present alternative licensing models that enable businesses...

October 20, 2022

Copyright © 2023 - SIGNIFLOW© SOFTWARE
Disclaimer: The information in this BLOG is provided for general informational purposes only and is the opinion of the author only. No information contained in this blog should be construed as legal advice from SigniFlow or the individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this blog should act or refrain from acting on the basis of any information included in, or accessible through, this blog without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.