Email Security Explained: SPF, DKIM, DMARC, and MTA-STS

Introduction One security-related topic that is almost never discussed in courses, such as CPTS or OSCP, is email security. There is almost always a phishing exercise, but it never goes more than that. You never get to learn why the spoofed email was accepted in the first place and what could be done to prevent it. This is somewhat strange given that phishing remains one of the most common methods for obtaining an initial foothold in an environment! ...

July 3, 2026 · mollysec