Articles - Page 2

May 2026

Phishing vs spear phishing 2026 comparison: mass email versus targeted OSINT attack, with deepfake, BEC, and DMARC defenses

CaptainDNS · May 4, 2026

Phishing vs spear phishing: what's the difference in 2026?

Phishing targets the masses, spear phishing targets the person. In 2026, AI, OSINT, and deepfakes blur the line. Full breakdown with real cases and defenses.

April 2026

HSTS and the preload list: the Strict-Transport-Security directives that force HTTPS

CaptainDNS · April 24, 2026

HSTS: the complete guide to enable Strict-Transport-Security and the preload list

HSTS (RFC 6797) forces browsers to contact your site only over HTTPS. This guide covers the protocol, the directives, per-stack configurations and how to submit to the Chrome preload list.

Cloudflare email ecosystem 2026: Email Routing, Email Service, Email Security, and DMARC Management

CaptainDNS · April 21, 2026

Cloudflare Email Service: Email Routing, Security, and DMARC Management explained

Cloudflare now covers 4 email layers: free Email Routing, transactional Email Service (public beta April 2026), anti-phishing Email Security (formerly Area 1), and DMARC Management. Complete guide covering architecture, DNS, Proofpoint/Mimecast comparison, and pricing.

Illustration of Cisco Secure Email Cloud Gateway (CES) as a SaaS gateway with iphmx.com DNS and Talos threat intelligence

CaptainDNS · April 17, 2026

Cisco Secure Email Cloud Gateway (CES): SaaS architecture, iphmx.com DNS and ESA migration

Cisco Secure Email Cloud Gateway (CES) is Cisco's primary SaaS offering in 2026, the successor to the legacy ESA appliances inherited from Ironport. Complete guide: CES onboarding, iphmx.com MX records by region (NA/EU/APJ), SPF/DKIM/DMARC, migration from ESA to CES, 2024-2025 Gartner Magic Quadrant exit, zero-day CVE-2025-20393, comparison with Proofpoint, Mimecast, Defender and Abnormal.

Illustration of Abnormal Security as a behavioral AI email security platform

CaptainDNS · April 13, 2026

Abnormal Security: behavioral AI, API deployment, and email gateway alternatives

Abnormal Security is an API-native ICES platform that detects BEC, VEC, and Account Takeover attacks using behavioral AI, with no MX change required. Complete guide: Attune 1.0 architecture, Proofpoint/Mimecast/Defender comparison, limitations, and DNS record audit.

Illustration of Proofpoint as an enterprise secure email gateway powered by Nexus AI

CaptainDNS · April 7, 2026

Proofpoint Secure Email Gateway: architecture, DNS configuration and alternatives

Proofpoint is the enterprise SEG benchmark, used by 87 of the Fortune 100. Complete guide: Nexus AI architecture, TAP, SPF/DKIM/DMARC configuration, the 2024 EchoSpoofing incident and a comparison with Mimecast, Microsoft Defender and Abnormal Security.

Illustration of Mimecast as a secure email gateway intercepting threats

CaptainDNS · April 2, 2026

Mimecast Secure Email Gateway: how it works, DNS setup, and alternatives

Mimecast is a cloud email gateway (SEG) that intercepts all traffic via MX redirection. Full guide: architecture, SPF/DKIM/DMARC setup, Proofpoint/Abnormal Security comparison, and DNS audit.

Diagram showing the process of obtaining a VMC or CMC certificate for BIMI

CaptainDNS · April 1, 2026

VMC and CMC Certificates for BIMI: How to Choose, Buy and Deploy

Complete guide to obtaining and deploying a VMC or CMC certificate: CA comparison, pricing, prerequisites and free hosting.

March 2026

CaptainDNS · March 31, 2026

BIMI logo hosting: where and how to host your SVG logo and certificate

Hosting is BIMI's overlooked weak link. This guide compares 5 options, covers HTTPS requirements, and walks you through a step-by-step tutorial with CaptainDNS.

Diagram showing the structure of an email header with key fields annotated: From, Received, Authentication-Results

CaptainDNS · March 29, 2026

Understanding email headers: the complete guide to reading and analyzing every field

Every email carries an invisible logbook. This guide teaches you how to extract it, read it field by field, and diagnose deliverability or security issues.