All public services sending emails out on behalf of government organisations must follow all protocols, processes and guidelines to ensure that they secure their email service. This includes:

• the service providing users with mailbox access

• internal relays and gateways

• email filtering services

• third party services that send email on your behalf, like transactional email services

Key configurations are needed to ensure you email services run smoothly:

• Transport Layer Security (TLS)

• DomainKeys Identified Mail (DKIM)

• Domain-based Message Authentication, Reporting & Conformance (DMARC)

• Public Domain Name System (DNS)

• Ability to make administrative changes

If there are any changes made to your email security, ensure that you communicate such changes to all staff in your organisation.