BIMI is a way to verify information about your brand. Like DMARC, DKIM, and SPF—three methods for verifying sender information—BIMI is a text record that lives on your servers. In fact, it works right alongside SPF, DMARC, and DKIM to signal to email clients that you are you. As such, BIMI aids in deliverability, too.

espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails.

Daemon application able to fetch messages from supported websites and send them by mail. It can also be used to send a reply to a message (on a module which supports this feature), by piping an email to it.

Looks like it should be possible to read (perhaps even write) private messages on Reddit without having to deal with Reddit's own, pretty terrible, web interface. Worth looking into.

TinyLetter is a personal newsletter service brought to you by the people behind Mailchimp. People use it to send updates, digests, and dispatches to their fans and friends.

Though they're built on the same infrastructure, TinyLetter is for people who don't need all the business features that come along with Mailchimp. Simplicity is at the heart of everything we do at TinyLetter.

TinyLetter is a completely free service.

Dangerzone, a new open source tool that First Look Media just released at the Nullcon 2020 hacker conference in Goa, India, aims to solve this problem. You can install dangerzone on your Mac, Windows, or Linux computer, and then use it to open a variety of types of documents: PDFs, Microsoft Office or LibreOffice documents, or images. Even if the original document is dangerous and would normally hack your computer, dangerzone will convert it into a safe PDF that you can open and read.

...

When dangerzone starts containers, it disables networking, and the only file it mounts is the suspicious document itself. So if a malicious document hacks the container, it doesn’t have access to your data and it can’t use the internet, so there’s not much it could do.

DomainKeys Identified Mail (DKIM) allows a person or organisation to claim responsibility for an email message by associating a domain name with the message.

"To be honest, the spooks love PGP," Nicholas Weaver, a researcher at the International Computer Science Institute, told the Usenix Enigma conference in San Francisco on Wednesdy. "It's really chatty and it gives them a lot of metadata and communication records. PGP is the NSA's friend."

Lists should keep the From address, the Subject, and the Message totally unchanged. They should add a Sender header to indicate their relay role, and set at least the List-Id and List-Unsubscribe headers for mailbox rules and subscription management.

This configuration will allow mailing lists to function as proper SMTP citizens in the age of DMARC.

E-mail was once the pillar of the Internet as a truly distributed, standards-based and non-centralized means to communication with people across the planet. Today, an increasing number of services people rely on are losing federation and interoperability by companies who need to keep people engaged on their for-profit services. Much of the Internet’s communication is moving to these walled gardens, leaving those who want to run their own services in an increasingly hostile communication landscape.

This is a quick recap of why I'm sad about SMTP encryption. It explains how TLS certificate verification in SMTP is useless even if you force it.