Domain Security

In the spirit of Spring Cleaning and the shut-in effect of the quarantine kicking in hard, I decided to do a few things.

It started off with cleaning out the air conditioner (spoiler : never do this) and it ended with a plan on securing up my domains.

Having had mmn.on.ca since the late 90s, spammers do try and forge the domain. Granted since 2018 I've had the DMARC policy set to quarantine (lol) and it seemed to have helped from seeing the DMARC reports but with all this COVID-19 SPAM I decided to do my part to prevent bullshit from propagating (and no, no matter what Karen from YouTube says, 5G does not propagate or cause COVID-19.)

I have my next set of core domains to be set to the reject policy very soon.

Right now mmn.on.ca has a pretty good score on deliverability on internet.nl at 87% (not having IPv6 mail servers does kick you down a bit, and ProtonMail hasn't yet phased out some of the older TLS stock.

Previously I wasn't able to have DNSSEC with my previous and long time registrar MyID.ca so I had to move it to a new one not long ago so I could implement that. I've also got to reimplement HSTS, but that's a job for another day.