← All Songs
Topic
Security
Authentication protocols and DNS policies that protect your domain from spoofing, phishing, and brand impersonation by bad actors.
7 songs
Songs
Phish
Kiss — Prince and the Revolution
A humorous parody of Prince's classic exploring the deceptive world of phishing.
This track highlights how easily unsuspecting users can be tricked into handing over their passwords.
AuthenticationEmail Design
Deliverability Rhapsody
Bohemian Rhapsody — Queen
This song gave me a hard time revising it because of the changes in rhythm and style. I wasn't able to produce the dramatic/lyrical section the way I wanted.
I'm quite satisfied with the final result though. What do you think?
AuthenticationPostmaster Tools
Block Stuff
Break Stuff — Limp Bizkit
A spam filter's frustrated rant from the front lines, "Block Stuff" channels the rage of catching spoofed senders, free-gift scams, and complaint-triggering junk all day long. The song breaks down how authentication failures, user complaints, and shady content fast-track senders straight onto blocklists.
Spam FiltersReputation
P=REJECT (Without Me)
Without Me — Eminem
A high-energy anthem for DMARC enforcement, this song champions the move from p=none monitoring to a full p=reject policy as the only real defense against domain spoofing and phishing. It breaks down why authentication alignment across SPF and DKIM — backed by a strict DMARC stance — is what actually stops fraudsters from impersonating your brand at the gateway.
AuthenticationReputation
Sending in the Name
Killing in the Name — Rage Against The Machine
A blistering protest anthem against domain spoofers and email scrapers who hijack legitimate brands to flood inboxes with abuse. The song channels righteous fury into a lesson on why SPF, DKIM, and DMARC enforcement exist — to stop bad actors from sending in the name of someone else.
Authentication
DMARC Don't Lie
Inbox Senders Club
A weary sender's blues confession that reads SPF, DKIM, and DMARC alignment like a lover's lie detector — exposing misaligned From domains, p=none policies hiding from enforcement, and duplicate DMARC records left to rot in the zone. Soulful and grounded, it argues that authentication tells the truth your headers won't.
AuthenticationCompliance
DKIM on My Mind
Inbox Senders Club
A weary sender's blues meditation on DKIM authentication — the loneliness of unsigned headers, the heartbreak of broken signatures, and the hard-won wisdom of key rotation, selector hygiene, and domain alignment across multiple vendors. Sung from the perspective of someone who's watched messages fail trust checks one too many times and learned that without a valid signature, nothing else matters.
Authentication
Glossary
SPF — Sender Policy Framework
DNS-based mechanism (RFC 7208) that authorizes which IP addresses may send email on behalf of a domain via a TXT record. Evaluated at SMTP connection time against the envelope MAIL FROM domain, not the visible From header.
DKIM — DomainKeys Identified Mail
Cryptographic signature (RFC 6376) added to email headers by the sending MTA and verified using a public key published in DNS. Survives email forwarding unlike SPF.
DMARC — Domain-based Message Authentication, Reporting & Conformance
Policy layer (RFC 7489) built on SPF and DKIM. Allows domain owners to declare how receivers handle authentication failures. Requires identifier alignment between authenticated domain and visible From header.
ARC — Authenticated Received Chain
Protocol (RFC 8617) that preserves authentication results across email forwarding hops by cryptographically signing the original results at each forwarding step.
MTA-STS — Mail Transfer Agent Strict Transport Security
Policy mechanism (RFC 8461) allowing domains to declare TLS support for inbound SMTP, requiring sending MTAs to refuse unencrypted delivery.
BIMI — Brand Indicators for Message Identification
Standard that displays a brand logo next to authenticated messages in supporting mailbox providers. Requires DMARC at p=quarantine or p=reject plus a Verified Mark Certificate (VMC).