At RacterMX, security is our top priority. We implement multiple layers of protection to keep your email communications secure and maintain the highest standards of email authentication and encryption.
We use the strictest SPF policy (-all) telling the world: "If it's not on this list, it's NOT us. Reject it." This is the strongest deliverability signal you can send to major providers.
SPF validates that emails come from authorized mail servers, preventing email spoofing and impersonation.
DNS Lookups: 0/10 - Lean and efficient, well within the 10-lookup limit for fast validation.
We use Edwards-curve cryptography (ED25519)βthe future of email authentication. It's faster, smaller, and mathematically stronger than RSA. We maintain RSA fallback for older servers.
All emails are cryptographically signed to verify sender authenticity and ensure messages haven't been tampered with in transit.
Suspicious mail is sent to the spam folder, protecting the inbox while maintaining brand association. We use strict alignment (aspf=s; adkim=s) requiring exact domain matching for maximum security.
DMARC provides reporting and policy enforcement for email authentication, combining SPF and DKIM validation.
All mail servers support the latest TLS 1.3 protocol with AES-256-GCM encryption for secure email transmission.
We enforce TLS encryption for all email transmission to prevent man-in-the-middle attacks.
MTA-STS enforces TLS encryption and prevents downgrade attacks. Our policy is set to enforce mode with 7-day caching.
MTA-STS ensures that email is only delivered over encrypted connections, protecting against active attacks.
DANE enabled with certificate pinning to DNS. Even if a Certificate Authority is compromised, attackers cannot forge our identity. You are protected by cryptographic proof.
DANE (DNS-based Authentication of Named Entities) provides the highest level of transport security by cryptographically binding our mail server's certificate to DNS.
We receive detailed reports about TLS connection failures, allowing us to quickly identify and resolve encryption issues.
Our mail servers (mail.racter.com at 82.221.100.161) maintain a clean reputation across all major blacklist databases.
DNSSEC is properly configured, providing cryptographic authentication of DNS records and preventing DNS spoofing attacks.
Reverse DNS properly configured: 82.221.100.161 β mail.racter.com. This proves mail server legitimacy and improves deliverability.
Certificate Authority Authorization records restrict which CAs can issue certificates for our domains:
If you discover a security vulnerability, please report it to us immediately. We appreciate responsible disclosure and will work with you to address any issues promptly.
Contact: security@ractermx.com
Want to check your own domain's email security? Use our free domain scanner at scan.ractermx.com to get a comprehensive security report.