U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Trustworthy Email

Published

Author(s)

Scott W. Rose, J. S. Nightingale, Simson Garfinkel, Ramaswamy Chandramouli

Abstract

This document gives recommendations and guidelines for enhancing trust in email. The primary audience includes enterprise email administrators, information security specialists and network managers. This guideline applies to federal IT systems and will also be useful for small or medium sized organizations. Technologies recommended in support of core Simple Mail Transfer Protocol (SMTP) and the Domain Name System (DNS) include mechanisms for authenticating a sending domain: Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM) and Domain based Message Authentication, Reporting and Conformance (DMARC). Recommendations for email transmission security include Transport Layer Security (TLS) and associated certificate authentication protocols. Recommendations for email content security include the encryption and authentication of message content using S/MIME (Secure/Multipurpose Internet Mail Extensions) and associated certificate and key distribution protocols.
Citation
Special Publication (NIST SP) - 800-177 Rev. 1
Report Number
800-177 Rev. 1
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs
Supercedes Publication
Trustworthy Email

Download Paper

DOI Link

Keywords

Email, Simple Mail Transfer Protocol (SMTP), Transport Layer Security (TLS), Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM), Domain based Message Authentication, Reporting and Conformance (DMARC), Authentication of Named Entities (DANE), S/MIME, OpenPGP.
Network security and robustness and Cybersecurity

Citation

Rose, S. , Nightingale, J. , Garfinkel, S. and Chandramouli, R. (2019), Trustworthy Email, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-177r1 (Accessed November 20, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created February 25, 2019, Updated March 23, 2021