Outgoing White House Emails Not Protected by Verification System

The security advocacy group Global Cyber Alliance tested the 26 email domains managed by the Executive Office of the President (EOP) and found that only one fully implements a security protocol that verifies the emails as genuinely from the White House. From a report: Of the 26 domains, 18 are not in compliance with a Department of Homeland Security directive to implement that protocol. Imagine the havoc someone could cause sending misinformation from a presidential aide's account: Such fraudulent messages could be used in phishing campaigns, to spread misinformation to careless reporters, or to embarrass White House employees by sending fake tirades under their names.

Re:It's e-mail, it's never going to be 'secure'

[blane.bramble]

Not strictly true - that SPF records says to treat a failed result as suspicious, not to reject it, so email servers will accept it and usually treat it as having a higher spam rating.