Skip to main content
Information Security

Questions tagged [email]

Related to email protocols, clients, servers, content, and message format.

Filter by
Sorted by
Tagged with
5 votes
1 answer
134 views

I recently received an email that shows a summary/snippet in my inbox, which is not visible when opening the email. I checked the source and found that the suspect text is wrapped in a zero-height ...
James B's user avatar
  • 191
1 vote
0 answers
2k views

Someone opened an Electronic Arts (EA) gaming account with my email address, and was able to pass email verification. I noticed this due to the unexpected email traffic related to welcome and address ...
20 votes
1 answer
4k views

I signed up for a free email address that I haven't used for anything critical, but after getting "pwned" in a data breach, I noticed, courtesy of haveibeenpwned, that the address had ...
1 vote
1 answer
69 views

Sometimes when I send emails to new addresses, in relatively short periods of time I start to receive new kinds of spam. This pattern makes me to think that the spammers can somehow get my email ...
Imsa's user avatar
  • 111
0 votes
1 answer
172 views

I am working on securing e-mails, and I have encountered opportunistic TLS. I have this issue where a server I am sending e-mails to is configured to not accept anything lower than TLSv1.3. However, ...
Bun's user avatar
  • 3
0 votes
2 answers
157 views

I was just wondering what the downsides of the following approach would be: The email address I store is hashed (with a pepper that is db wide). This should (in my theory) better protect users in case ...
4 votes
0 answers
188 views

I'm trying to implement an email verification system (and also authentication system). I've decided against magic links as, even though they can be more secure, the user has a 50% change to begin the ...
5 votes
2 answers
1k views

I'm trying to understand how large email providers handle their DMARC records. I've taken a look at Gmail, and I'm a bit confused as to why they don't have a policy set for the main domain (p=none). ...
Hysii's user avatar
  • 249
3 votes
2 answers
601 views

I've just set up sending emails from my domain with Google workspace, and have just learned about SPF, DKIM, and DMARC. I'm wondering, what use is SPF in the modern internet. Probably half the ...
0 votes
0 answers
446 views

I went to check my email and I noticed that I was flooded with emails from different companies that I never heard of before asking for email verification. I checked on my google account and from the ...
Kono M's user avatar
  • 1
1 vote
1 answer
155 views

I have my personal email address set as a "send as" option on gmail. Let's call it [email protected]. I don't use Google for any services relating to mydomain.com, so I don't have an admin ...
0 votes
0 answers
104 views

If a user configures 2FA, and then he logs in from a new location, should we send an email to inform him that he just signed in from a new location? Even if it's not common, unnecessary notifications ...
2 votes
1 answer
297 views

It's not that explicit of a question, so let me give you some details about a client of mine who happens to be scammed. An important email arrived with altered content (account numbers) from my client ...
p1100i's user avatar
  • 123
1 vote
1 answer
164 views

As we know some important information can be found in MIME Boundary field in email headers. Such as the one described in this interesting link (Dates in Hiding Part 2 — Gmail MIME Boundary Timestamps) ...
1 vote
0 answers
448 views

In an email forensic study, I want to know the meaning of the field "X-UI-Sender-Class" in email header and how can we decode this information. Note: the email is sent from mail.com Email ...
user1973744's user avatar

15 30 50 per page
1
2 3 4 5
...
122

AltStyle によって変換されたページ (->オリジナル) /