We’re already sending emails securely, now it’s time to secure inbound email as well! Back in 2022, Microsoft enabled outbound SMTP DANE with DNSSEC for all Exchange Online customers, including MSA (hotmail, live, outlook), ensuring encrypted delivery when sending to domains that support it. Finally, at the tail end of 2024, Microsoft enabled inbound SMTP DANE with DNSSEC across all Exchange Online tenants in a public preview. This adds transport-layer security for receiving

Sending an email securely requires more moving parts than most people expect, you don’t notice when it works. You really notice when it doesn’t! Email is still one of the most critical, and most abused, communication channels in modern IT environments. While most organizations rely on email every day, not enough people knows how emails, and the security surrounding it, actually works under the hood. This post breaks down the core building blocks of modern email security, fro

Today I want to walk through how to configure Azure App Service Authentication when your App Service sits behind Azure Front Door and is accessed through a Private Link. On a dreadful day in october 2025, I received something that most IT people fear - a request from a client! The request included information from the client, that they were struggling with authentication on a Web App deployed behind Azure Front Door using Private Link. What looked like a straightforward setup