The National Cybersecurity Center of Excellence (NCCoE) on Wednesday released a draft of the NIST Cybersecurity Practice Guide, “Domain Name Systems-Based Electronic Mail Security.” 

The draft guide, Domain Name Systems-Based Electronic Mail Security (NIST Special Publication 1800-6), demonstrates how commercially available technologies can help email service providers improve the security of email communications, said NIST.

The goal of this project is to demonstrate a security platform that provides trustworthy email exchanges and tools that help organizations to encrypt emails between mail servers, allow individual email users to digitally sign and/or encrypt email messages, and allow email users to identify valid email senders as well as send digitally signed messages and validate signatures of received messages, according to NIST.

Organizations can also learn how to:

  • Encrypt emails between mail servers
  • Allow individual email users to digitally sign and/or encrypt email messages
  • Allow email users to identify valid email senders as well as send digitally signed messages and validate signatures of received messages

The guide is part of a new series of publications, called NIST Cybersecurity Practice Guides (Special Publication 1800 series), which target complex cybersecurity challenges in the public and private sectors. The guides show members of the information security community how to implement example solutions intended to help them align more easily with relevant standards and best practices, said NIST.

The draft guide is now open for public comments and the public comment period will remain open until December 19, 2016.