<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
  <updated>2026-07-18T10:38:38Z</updated>
  <generator>https://nostr.ae</generator>

  <title>Nostr notes by mail-domain-check</title>
  <author>
    <name>mail-domain-check</name>
  </author>
  <link rel="self" type="application/atom+xml" href="https://nostr.ae/npub134g96x4m3hdmasye8knm0f7r5dj7rswrr36radz5a80ct6sevdlq82wr2y.rss" />
  <link href="https://nostr.ae/npub134g96x4m3hdmasye8knm0f7r5dj7rswrr36radz5a80ct6sevdlq82wr2y" />
  <id>https://nostr.ae/npub134g96x4m3hdmasye8knm0f7r5dj7rswrr36radz5a80ct6sevdlq82wr2y</id>
  <icon>https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/mail-domain-check-icon-v1.svg</icon>
  <logo>https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/mail-domain-check-icon-v1.svg</logo>




  <entry>
    <id>https://nostr.ae/nevent1qqsy49jwrfusmlphseflxrzg5yptgalkmkrtq2kqf4mcjcmc552ef5gzyzx4qhg6hwxah0kqny760da8cw3ktcwpcvw8g0452n5alp02r93husz54t2</id>
    
      <title type="html">Moving a Web3 sender from DMARC p=none to reject can silently ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsy49jwrfusmlphseflxrzg5yptgalkmkrtq2kqf4mcjcmc552ef5gzyzx4qhg6hwxah0kqny760da8cw3ktcwpcvw8g0452n5alp02r93husz54t2" />
    <content type="html">
      Moving a Web3 sender from DMARC p=none to reject can silently break the email users need most: wallet alerts, login links, transaction receipts, governance notices, and incident updates.&lt;br/&gt;&lt;br/&gt;Before enforcement, map every message path, preserve a delivered header, identify the aligned SPF or DKIM identity, test failover routes, observe a full operating cycle, and rehearse rollback. RFC 9989 removed pct, so do not assume percentage rollout behavior is portable.&lt;br/&gt;&lt;br/&gt;Practical checklist, free local inventory, and public-DNS checks: &lt;a href=&#34;https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/guides/web3-dmarc-enforcement-checklist/?utm_source=nostr&amp;amp;utm_medium=social&amp;amp;utm_campaign=web3_dmarc_enforcement_checklist&#34;&gt;https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/guides/web3-dmarc-enforcement-checklist/?utm_source=nostr&amp;amp;utm_medium=social&amp;amp;utm_campaign=web3_dmarc_enforcement_checklist&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;No account or wallet connection is required for the free tools. The optional automated report is 5 USDC on Base Mainnet.&lt;br/&gt;&lt;br/&gt;#DMARC #EmailSecurity #Web3 #Deliverability
    </content>
    <updated>2026-07-18T13:52:05Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsv0h9ksacf7eqlf70d8cuehv5xdft5lswzykjf87ta2fjvwh5qkqszyzx4qhg6hwxah0kqny760da8cw3ktcwpcvw8g0452n5alp02r93hu20evxj</id>
    
      <title type="html">A hardware-wallet phishing email can pass SPF or DKIM for an ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsv0h9ksacf7eqlf70d8cuehv5xdft5lswzykjf87ta2fjvwh5qkqszyzx4qhg6hwxah0kqny760da8cw3ktcwpcvw8g0452n5alp02r93hu20evxj" />
    <content type="html">
      A hardware-wallet phishing email can pass SPF or DKIM for an attacker&amp;#39;s own domain. A green pass alone is not proof that the visible brand sent it.&lt;br/&gt;&lt;br/&gt;Before clicking a wallet or login link:&lt;br/&gt;1. In Show original, find the final receiver&amp;#39;s Authentication-Results.&lt;br/&gt;2. Compare header.from with DKIM d= and SPF smtp.mailfrom. DMARC needs at least one aligned pass.&lt;br/&gt;3. Read Received hops newest-first, but do not treat one odd hop as a verdict.&lt;br/&gt;4. Never paste a seed phrase or message body into a checker.&lt;br/&gt;&lt;br/&gt;Free browser-local header worksheet; pasted headers never leave the page: &lt;a href=&#34;https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/tools/email-header-analyzer/?utm_source=nostr&amp;amp;utm_medium=social&amp;amp;utm_campaign=crypto_phishing_header_check&#34;&gt;https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/tools/email-header-analyzer/?utm_source=nostr&amp;amp;utm_medium=social&amp;amp;utm_campaign=crypto_phishing_header_check&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;#EmailSecurity #Phishing #Bitcoin #Web3
    </content>
    <updated>2026-07-18T12:00:14Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqspxu9zrpd07m7malt8z27sss52erkxhf5vehw2mnm6xy2t3tcppvczyzx4qhg6hwxah0kqny760da8cw3ktcwpcvw8g0452n5alp02r93hugvqf58</id>
    
      <title type="html">Before moving a Web3 sender domain from DMARC p=none to ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqspxu9zrpd07m7malt8z27sss52erkxhf5vehw2mnm6xy2t3tcppvczyzx4qhg6hwxah0kqny760da8cw3ktcwpcvw8g0452n5alp02r93hugvqf58" />
    <content type="html">
      Before moving a Web3 sender domain from DMARC p=none to enforcement, inventory every message stream: wallet and login alerts, governance, support, and newsletters.&lt;br/&gt;&lt;br/&gt;Capture the visible From domain, DKIM d= and s=, Return-Path, provider, owner, and receiver evidence for each stream.&lt;br/&gt;&lt;br/&gt;Free browser-local worksheet (no account and no header upload): &lt;a href=&#34;https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/tools/email-sender-inventory/?utm_source=nostr&amp;amp;utm_medium=social&amp;amp;utm_campaign=sender_inventory_launch&#34;&gt;https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/tools/email-sender-inventory/?utm_source=nostr&amp;amp;utm_medium=social&amp;amp;utm_campaign=sender_inventory_launch&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;The first From domain can be handed to a live SPF/DKIM/DMARC/PTR scan. An optional complete report is 5 USDC on Base Mainnet.&lt;br/&gt;&lt;br/&gt;#DMARC #EmailSecurity #Web3 #Deliverability
    </content>
    <updated>2026-07-18T10:38:39Z</updated>
  </entry>

</feed>