CaptainDNS Blog

Timeline showing TLS certificate lifetime reduction from 398 to 47 days between 2026 and 2029

CaptainDNS · March 19, 2026

SC-081v3: 47-day TLS certificates, why it matters and how to prepare

The CA/Browser Forum voted to progressively reduce TLS certificate lifetimes from 398 to 47 days by March 2029. Timeline, rationale, impact, and practical guide.

DMARCbis: complete guide, migration and DNS Tree Walk

CaptainDNS · March 18, 2026

DMARCbis: the complete guide to understanding and migrating to the new DMARC standard

DMARCbis replaces RFC 7489, drops the PSL in favor of the DNS Tree Walk, adds three tags and splits reporting into three documents. This guide covers everything: how it works, migration, compliance.

Domain name lifecycle diagram: registration, expiration, grace period, redemption, pending delete, release

CaptainDNS · March 17, 2026

Domain name lifecycle: expiration, protection, and best practices

From registration to release: understand every stage of the domain lifecycle, the risks at each phase, and the protections to enable.

Visual comparison between the WHOIS protocol (legacy, plain text) and RDAP (modern, structured JSON) with the ICANN transition timeline

CaptainDNS · March 17, 2026

RDAP vs WHOIS: the complete guide to the transition (EPP codes, GDPR, domain locks)

WHOIS is retiring. RDAP replaces it. This guide covers everything: technical comparison, EPP codes, GDPR impacts, domain locks, and a migration plan.

Comparative diagram of 301 and 302 redirects showing SEO impact, PageRank transfer and domain migration checklist

CaptainDNS · March 16, 2026

301 vs 302 redirect: understand the differences, SEO impact and succeed with your domain migration

301 permanent or 302 temporary? Understand the SEO impact of each code, avoid common mistakes and follow our domain migration checklist.

Diagram showing a vanity URL captaindns.com redirected to a landing page with click counter and QR code

CaptainDNS · March 16, 2026

Vanity URLs, link tracking and QR codes: the complete guide to marketing redirects

Create memorable branded links, track clicks and measure offline-to-online traffic with smart redirects.

The 4 email security tools managed by CaptainDNS: MTA-STS, BIMI, TLS-RPT and DMARC

CaptainDNS · March 13, 2026

Email Security: 4 Free Managed Tools to Protect Your Domains

CaptainDNS offers four free tools to secure your emails: MTA-STS hosting, BIMI hosting, TLS-RPT monitoring and DMARC monitoring. No infrastructure to manage.

Diagram showing the progression of MTA-STS deployment from testing mode to enforce mode

CaptainDNS · March 10, 2026

From testing to enforce: a progressive MTA-STS deployment strategy

Testing mode monitors, enforce mode blocks. This guide details the four steps to deploy MTA-STS progressively, from the initial policy to TLS-RPT reports, through to switching to enforce.

Comparative diagram of MTA-STS and DANE protocols for email transport security

CaptainDNS · March 10, 2026

MTA-STS vs DANE: which protocol to choose for securing email transport?

MTA-STS uses HTTPS, DANE relies on DNSSEC. Both enforce mandatory TLS encryption between email servers, but they deploy differently. Complete comparison to make the right choice.

Diagram of an SMTP downgrade attack showing an attacker intercepting the STARTTLS connection between two email servers

CaptainDNS · March 9, 2026

SMTP Downgrade Attacks: How They Work and How to Defend Against Them

STARTTLS encrypts your emails, but a network attacker can strip that protection away. Learn how SMTP downgrade attacks work and what solutions block them.

A status page that fits your brand

Articles - Page 3