Practical Security Guides For Your Team
Clear, non-alarmist guidance for real web vulnerabilities so your team can prioritize fixes confidently.
Email Domain Not Protected Against Impersonation
Severity: medium
Your domain has a DMARC record, but it's set to 'monitor only' — meaning it watches for suspicious email activity but takes no action to stop it. Anyone can currently send emails that appear to come from your domain, and those emails will land in recipients' inboxes unchallenged. Think of it like having a security camera but no lock on the door.
Outdated Encryption Protocol (TLS 1.0) Leaves Connections Exposed
Severity: medium
Your server still supports TLS 1.0, an old encryption standard from 1999 that has a known weakness called BEAST. Think of it like a lock on your front door that was recalled years ago — it still works most of the time, but security experts have shown it can be picked under the right conditions. Modern browsers and servers have largely worked around this flaw on their end, but the safest fix is to retire the old protocol on your server entirely.