NIST SPECIAL PUBLICATION 1800-6 Domain Name System- Based Electronic Mail Security Includes Executive Summary (A); Approach, Architecture, and Security Characteristics (B); and How -To Guides (C) Scott Rose William Barker Santos Jha Chinedum Irrechukwu Karen Waltermire This publication and its additional content is available free of charge from: https://doi.org/10.6028/NIST.SP.1800 -6 NIST SPECIAL PUBLICATION 1800-6 Domain Name System-Based Electronic Mail Security Includes Executive Summary (A); Approach, Architecture, and Security Characteristics (B) ; and How -To Guides (C) Scott Rose Information Technology Laboratory National Institute of Standards and Technology William Barker Dakota Consulting Silver Spring, MD Santos Jha Chinedum Irrechukwu The MITRE Corporation McLean, VA Karen Waltermire National Cybersecurity Center of Excellence National Institute of Standards and Technology This publication and its additional content is available free of charge from: https://doi.org/10.6028/NIST.SP.1800-6 January 2018 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology NIST SPECIAL PUBLICATION 1800- 6A Domain Name System -Based Electronic Mail Security Volume A : Executive Summary Scott Rose Information Technology Laboratory National Institute of Standards and Technology William Barker Dakota Consulting Silver Spring, MD Santos Jha Chinedum Irrechukwu The MITRE Corporation McLean, VA Karen Waltermire National Cybersecurity Center of Excellence National Institute of Standards and Technology January 2018 This publication and its additional content is available free of charge from: https:// doi.org/10.6028/NIST.SP.1800 -6 NIST SP 1800 -6A: Domain Name System- Based Electronic Mail Security This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.1800- 6. 1 Executive Summary Both public and private -sector business operations are heavily reliant on electronic mail (email) exchanges , but the integrity of these transactions is often at risk, including financial and other proprietary information , as well as the privacy of employees and clients. Tools exist that are capable of providing the needed email security and privacy protection, b ut a number of factors have impeded the adoption of these existing security and privacy capabilities. These include:  The absence of comprehensive configuration instructions for composed set s of trusted electronic mail components ,  The absence of easily acce ssible information that points systems administrators to easily implemented software libraries and software applications , and  A perception that email security measures negatively impact the performance of email systems. However, o perating an email system without employing the available security and privacy tools invites attackers to breach sensitive enterprise information by introducing false addresses into mail messages, disrupting secure communication signaling, and improving the probability of successfu lly inducing enterprise users to open malicious attachments – still the most common method for introducing malware and breaching enterprise systems. The National Cybersecurity Center of Excellence (NCCoE) developed a set of example email security solutions that can help organizations to more easily implement security and privacy tools and protocols, thus reducing the likelihood of a data breach . The example security platforms described in this guide are consistent with the guidance and best practices contai ned in government and industry security standards . How these platforms address specific security requirements and best practices is addre