Microsoft is introducing Inbound SMTP DANE with DNSSEC for Exchange Online in public preview to enhance email integrity and security. This new capability utilizes DNS-based Authentication of Named Entities (DANE) for SMTP and Domain Name System Security Extensions (DNSSEC) to defend against downgrade and man-in-the-middle attacks. By verifying the identity of destination mail servers and the authenticity of certificates, it ensures secure connections and prevents TLS-downgrade and MiTM attacks. Additionally, DNSSEC provides cryptographic verification of DNS records to prevent spoofing, hijacking, and interception of email messages. The rollout roadmap indicates that the capability will be deployed across all Outlook domains by the end of 2024. Microsoft will offer this new capability for free to enterprise and home customers and urges other email providers and domain owners to adopt these standards to collectively raise the bar for email security. The company initially planned to roll out the public preview from March to July 2024 but had to delay it due to necessary security investments identified during the Private Preview stage.
The 128 series brings you byte-sized news for busy professionals. The full story can be found here: http://cmd.news/article/industry-news/microsoft-introduces-inbound-smtp-dane-with-dnssec-for-exchange-online/
