Domain Name System-Based Electronic Mail Security

Published: January 16, 2018


Scott W. Rose, Karen M. Waltermire, Santos Jha, Chinedum Irrechukwu, WIlliam C. Barker


This document describes a security platform for trustworthy email exchanges across organizational boundaries. The project includes reliable authentication of mail servers, digital signature and encryption of email, and binding cryptographic key certificates to sources and servers. The example solutions and architectures presented here are based upon standards- based open-source and commercially available products.
Citation: Special Publication (NIST SP) - 1800-6
Report Number:
Pub Type: NIST Pubs


Domain Name System, DNSSEC, DANE, electronic mail, email, encryption, digital signature, X.509, transport layer security protocol, TLSA, Secure/Multipurpose Electronic Mail Extensions, S/MIME, Internet
Created January 16, 2018, Updated November 10, 2018