Blog

Practical insights on email deliverability, security, and infrastructure — based on real findings from working with 450+ organizations.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Newest

Email Security

2.3 million emails. One exposed API key. $10K bill.

January 13, 2026

How DMARC forensics exposed an API key leak, 2.3M unauthorized emails, and a $10K bill.

Email Security

Backscatter Injection Attacks Exploiting Legitimate Infrastructure

January 8, 2026

Attackers use backscatter emails to bypass filters, harming servers and delivering phishing content.

Email Deliverability

When Marketing and Engineering Disconnect at ChatGPT

January 8, 2026

Billing emails failed due to template errors, highlighting coordination gaps between marketing and engineering.

Email Security

The Risks of Abruptly Enforcing DMARC p=reject in Organizations

January 8, 2026

Sudden DMARC enforcement can disrupt workflows, block emails, and impact organizational operations significantly.

Email Security

How a Fake Bank Transfer Email Nearly Fooled Me

January 8, 2026

Spoofed emails can mimic trusted senders, highlighting risks in elementary school communications.

Email Security

Microsoft 365 Groups Bypass DMARC, Exposing Organizations to Spoofing

December 29, 2025

Microsoft 365 groups can deliver spoofed emails despite failing SPF, DKIM, and enforced DMARC policies.

Email Security

Why Subdomain DMARC Policies Are Often Unnecessary

December 25, 2025

Proper DMARC enforcement on the root domain protects non-existent subdomains without needing separate policies.

Email Security

Why Regular Password Changes Still Matter in Real Cybersecurity

December 18, 2025

Even with MFA, forced password resets help contain breaches and limit ongoing attacker access.

Email Security

Why Reusing Passwords Is Dangerous: The JustDropped Example

December 15, 2025

Reusing passwords puts accounts at risk, as some platforms store and email credentials in plaintext.

Email Deliverability

Cloudflare Outage Disrupts Multiple Services Including ChatGPT

December 2, 2025

Cloudflare downtime affects ChatGPT, Klaviyo, and other services, impacting user experience and trust.

Email Security

Unexpected DMARC Reports Flood emvdmarc[.]com After Domain Acquisition

December 1, 2025

New domain emvdmarc[.]com receives DMARC reports from random organizations, creating unexpected security concerns.

Email Security

The Challenges of Enforcing DMARC p=reject in Modern Email Infrastructure

November 12, 2025

Implementing DMARC p=reject stops spoofing but often clashes with business workflows and new systems.