We are pleased to announce new enhancements to the Filter Settings module with the option to enforce DANE (DNS-Based Authentication of Named Entities) validation for the inbound email flow.

Over the next two weeks, we will be enabling the following options to enhance the encryption level:

Filter Settings page has been enhanced with the “DANE settings” section including the option to enforce the existence of appropriate TLSA (Transport Layer Security Authentication) records and DNSSEC (Domain Name System Security Extensions).

DANE, or DNS-Based Authentication of Named Entities, is a security protocol that utilises the DNS system to establish online communication and verify the authenticity and integrity of secure connections.

TLS relies on Certificate Authorities, but DANE adds security by allowing domain owners to designate trusted certificates.

DANE complements TLS by providing an additional layer of security for email encryption, rather than serving as a replacement.

The new option requires the destination server to support this security protocol. If DANE validation fails, the message will not be delivered.

Changelog

Since the latest major release, we’ve fixed the following issues: 

• MMA-10093: Improved the filtering for hidden exe attachments
• MMA-10332: Fixed an issue when the users receive duplicate Email Scout Report
• MMA-10343: Fixed an issue with Manual Email Scout Report not working using “Send Now” option
• MMA-10394: Fixed an issue with messages being displayed with delay in logs/quarantine view