This is a great topic, mainly because the standard operating method of SMTP is VERY vulnerable - sending content in plain text. We work hard to ensure any communication between you and our servers is secure (https, etc) as well as traffic between our data centers and on our data stores. However, if the email is sent in plain text once it leaves our servers, that doesn’t help much. This is why we use opportunistic TLS for outbound email and almost “force” DKIM for new sending addresses. Right now we have a 91% adoption rate for customers using DKIM, which I am very proud of. I’d much rather that be 100%. If you are reading this and not using DKIM on Postmark, get to it!
It doesn’t stop here of course. Our new (and free) DMARC tool helps you monitor and implement DMARC to protect who can send email on your behalf. We also just returned from our company retreat in Dominican Republic, and part of our road map is to continue adding security features to our application and API endpoints.
Hope you enjoy the good read from Word to the Wise. I always enjoy their posts on email.