Vendito

Hi, here at Vendito we are

Vendito

Security Services at Vendito

Vendito is offering IT Security Services to the clients. We are a team of professionals who are dedicated to providing the best security services to our clients. We are always ready to help you with your security needs.

Certificates

OSCP
OSCE
OSEE
OSWE
OSWP
CISSP
GCIH
CCNA
VCP

Services

Clients

Functionize
Functionize
Contributor

The #1 Agentic Automation Platform for Enterprises

Shapr3D
Shapr3D

A CAD software that helps you design better every step of the product journey

SnapSoft
SnapSoft

SnapSoft is managing cloud-based projects, including e-commerce, fintech, data & analytics, quality assurance solutions and system migrations to AWS.

AxoFlow
AxoFlow

Axoflow is a security data curation pipeline from the creators of Syslog-ng & Logging Operator, empowering hybrid enterprises to reduce complexity and costs by 50% or more by automatically curating their carrier-grade data in the pipeline.

Corvinus
Corvinus

Corvinus University of Budapest (Hungarian: Budapesti Corvinus Egyetem) is a private research university in Budapest, Hungary. The university currently has an enrolment of approximately 9,600 students, with a primary focus on business administration, economics, and social sciences, operating in Budapest and Székesfehérvár since 1948.

Telekom
Telekom

Telekom is a leading telecommunications company providing mobile, fixed-line, internet, and digital services to businesses and individuals globally.

Recent Posts

SPF, DMARC and DKIM - 3 pillars for email security

The SMPT protocol was invested without any security measures in place. Since then we have added multiple layers of security measures to ensure that emails are not tampered with and that the sender is who they say they are. The 3 most important security measures are SPF, DKIM and DMARC. How are emails sent? First let’s understand how emails are sent and how the sender is verified. The sending server establishes a connection with the receiving server. Over TCP - spoofing the IP address is not possible. The sending servers sends a HELO command to the receiving server with a domain. This domain is checked via SPF. The sending servers sends the envelope containing the Internet Message Format email to the receiving server. The envelope contains (among other things): Envelope From Header - this is not necessarily the same as the From header in the email. Envelope To Header - this is not necessarily the same as the To header in the email. The receiving server verifies the Envelope From domain via SPF. The receiving server verifies the DKIM signature, the SPF alignment and the DKIM alignment. The receiving server evaluates the sender’s DMARC policy. The receiving server puts the email message (Internet Message Format) in the recipient’s inbox. Or quarantines or rejects it based on the DMARC policy. The email message has a different From header and To header than the envelope. This is what the user will see in the inbox. graph LR A[Sending Server] -->|1. Establishes connection| E[Receiving Server] C -->|Receives Envelope| D[Message with Headers] E -->|The Internet Message Format email is put in the inbox| F[Recipient's Inbox] subgraph H[Internet Message Format] I[Message From] J[Message To] K[Message Subject] L[Message Body] end subgraph C[SMTP Envelope] D B[SMTP From Header] G[SMTP To Header] H end A -->|2. Sends Envelope| C[SMTP Envelope] C -->|3. Receives Envelope| E[Receiving Server] SPF The point of SPF is to authorize IPs to send email under your domain. SPF only applies to the envelope from domain. It does not apply to the From header in the email, which is what the user sees.