privacyguides/i18n
1
0
Fork 0
mirror of https://github.com/privacyguides/i18n.git synced 2025-09-01 02:49:14 +00:00
Code Activity

New Crowdin translations by GitHub Action

Browse Source
This commit is contained in:
Crowdin Bot
2024-03-13 04:31:23 +00:00
parent dc29926b3c
commit a8fa7a9e95
1769 changed files with 36057 additions and 41472 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
i18n/ku-IQ/email.md
View File

@@ -55,7 +55,7 @@ OpenPGP also does not support Forward secrecy, which means if either your or the
<summary>Downloads</summary>
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=ch.protonmail.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/apple-store/id979659905)
- [:simple-appstore: App Store](https://apps.apple.com/app/id979659905)
- [:simple-github: GitHub](https://github.com/ProtonMail/proton-mail-android/releases)
- [:simple-windows11: Windows](https://proton.me/mail/bridge#download)
- [:simple-apple: macOS](https://proton.me/mail/bridge#download)
@@ -74,7 +74,7 @@ Proton Mail ڕاپۆرتی تێکچوونە ناوخۆییەکانی هەیە،
#### :material-check:{ .pg-green } دۆمەینە تایبەتیەکان و نازناوەکان
بەژداربووانی Proton Mail دەتوانن دۆمەینی خۆیان بەکاربێنن لەگەل خزمەتگوزاریەکە یان <a href=https://proton.me/support/catch-all>هەموو نامەیەک بگرنەوە</a>. هەروەها Proton Mail پشتگیری دەکات لە [ناونیشانی دووەمی](https://proton.me/support/creating-aliases)، کە بەسوودە بۆ ئەو کەسانەی نایانەوێت دۆمەین بکڕن.
بەژداربووانی Proton Mail دەتوانن دۆمەینی خۆیان بەکاربێنن لەگەل خزمەتگوزاریەکە یان <a href=https://proton.me/support/catch-all>هەموو نامەیەک بگرنەوە</a>. Proton Mail also supports [sub-addressing](https://proton.me/support/creating-aliases), which is useful for people who don't want to purchase a domain.
#### :material-check:{ .pg-green }شێوازی پارەدانی نهێنی
@@ -129,7 +129,7 @@ Poton Mail کرداری میراتی دیجیتاڵی پێشکەش ناکات.
#### :material-check:{ .pg-green } دۆمەینە تایبەتیەکان و نازناوەکان
Mailbox.org ڕێگەت پێ دەدات دۆمەینی خۆت خۆت بەکاربێنی، وە پشتگیری لە [گرتنەوەی هەموو نامەکان](https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain) دەکات. هەروەها Mailbox.org پشتگیری دەکات لە [ناونیشانی دووەمی](https://kb.mailbox.org/display/BMBOKBEN/What+is+an+alias+and+how+do+I+use+it)، کە بەسوودە ئەگەر ناتەوێت دۆمەین بکڕیت.
Mailbox.org lets you use your own domain, and they support [catch-all](https://kb.mailbox.org/en/private/custom-domains/how-to-set-up-a-catch-all-alias-with-a-custom-domain-name) addresses. Mailbox.org also supports [sub-addressing](https://kb.mailbox.org/en/private/account-article/what-is-an-alias-and-how-do-i-use-it), which is useful if you don't want to purchase a domain.
#### :material-check:{ .pg-green }شێوازی پارەدانی نهێنی
@@ -137,17 +137,17 @@ Mailbox.org هیچ جۆرە دراوێکی دیجیتاڵی قبوڵ ناکات
#### :material-check:{ .pg-green }پارێزراوێتی هەژمار
Mailbox.org تەنها پشتگیری لە [سەلماندنی دووانی](https://kb.mailbox.org/display/MBOKBEN/How+to+use+two-factor+authentication+-+2FA) بۆ ماڵپەری پۆستەی ئەلکتڕۆنییەکەیان دەکات. You can use either TOTP or a [YubiKey](https://en.wikipedia.org/wiki/YubiKey) via the [YubiCloud](https://www.yubico.com/products/services-software/yubicloud). شیوازە باوەکانی وەک [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) هێشتا پشتگیری نەکراون.
Mailbox.org supports [two factor authentication](https://kb.mailbox.org/en/private/account-article/how-to-use-two-factor-authentication-2fa) for their webmail only. You can use either TOTP or a [YubiKey](https://en.wikipedia.org/wiki/YubiKey) via the [YubiCloud](https://yubico.com/products/services-software/yubicloud). شیوازە باوەکانی وەک [WebAuthn](https://en.wikipedia.org/wiki/WebAuthn) هێشتا پشتگیری نەکراون.
#### :material-information-outline:{ .pg-blue }پارێزراوێتی زانیاری
Mailbox.org ڕیگ دەدات بە شفرکردنی پۆستە هاتتووەکان بە بەکارهێنانی [سندوقی پۆستەی شفراوی](https://kb.mailbox.org/display/MBOKBEN/The+Encrypted+Mailbox) ئەوان. نامە نوێکانی کە تۆ وەریدەگری ڕاستەوخۆ بە کلیلی گشتیت شفر دەکرێن.
Mailbox.org allows for encryption of incoming mail using their [encrypted mailbox](https://kb.mailbox.org/en/private/e-mail-article/your-encrypted-mailbox). نامە نوێکانی کە تۆ وەریدەگری ڕاستەوخۆ بە کلیلی گشتیت شفر دەکرێن.
هەرچۆنێك بێت، [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange)، ئەو نەرمەواڵەی لەلایەن Mailbox.org بەکاردەهێندرێت, [پشتگیری ناکات](https://kb.mailbox.org/display/BMBOKBEN/Encryption+of+calendar+and+address+book) لە شفرەکردنی پەرتووکی ناونیشانەکانت و ڕۆژژمێرەکەت. [بژاردەیەکی سەربەخۆ](calendar.md) لەوانەیە گونجاوتر بێت بۆ ئەم زانیاریە.
However, [Open-Exchange](https://en.wikipedia.org/wiki/Open-Xchange), the software platform used by Mailbox.org, [does not support](https://kb.mailbox.org/en/private/security-privacy-article/encryption-of-calendar-and-address-book) the encryption of your address book and calendar. [بژاردەیەکی سەربەخۆ](calendar.md) لەوانەیە گونجاوتر بێت بۆ ئەم زانیاریە.
#### :material-check:{ .pg-green } شفرکردنی پۆستەی ئەلکتڕۆنی
Mailbox.org [شفرکردنی OpenPGP زیادکردووە](https://kb.mailbox.org/display/MBOKBEN/Send+encrypted+e-mails+with+Guard) لە ماڵپەری پۆستەی ئەلکتڕۆنییەکەیان، کە ناردنی نامەکان ئاسان دەکات بۆ ئەو کەسانەی کلیلی گشتی OpenPGPـیـان هەیە. هەروەها [وەرگرەکان دەتوانن لە دوورەوە شفری پۆستە ئەلکتڕۆنێیەک لەببەن](https://kb.mailbox.org/display/MBOKBEN/My+recipient+does+not+use+PGP)، کە لەسەر ڕاژەکارەکانی Mailbox.org. ئەم تایبەتمەندیە بەسوودە کاتێک وەرگر لە دوورەوە OpenPGPـی نییە و ناتوانێت شفرەکە لەسەر لەبەرگیراوەیەکی پۆستەکە لاببات لە سندووقی پۆستەکانی خۆیدا.
Mailbox.org has [integrated encryption](https://kb.mailbox.org/en/private/e-mail-article/send-encrypted-e-mails-with-guard) in their webmail, which simplifies sending messages to people with public OpenPGP keys. They also allow [remote recipients to decrypt an email](https://kb.mailbox.org/en/private/e-mail-article/my-recipient-does-not-use-pgp) on Mailbox.org's servers. ئەم تایبەتمەندیە بەسوودە کاتێک وەرگر لە دوورەوە OpenPGPـی نییە و ناتوانێت شفرەکە لەسەر لەبەرگیراوەیەکی پۆستەکە لاببات لە سندووقی پۆستەکانی خۆیدا.
هەروەها Mailbox.org پشتگیری دۆزینەوەی کلیلە گشتیەکان دەکات لە HTTPــەوە لە ڕێگای [Web Key Directory (WKD)](https://wiki.gnupg.org/WKD). ئەمە ڕێگە بە کەسانی دەرەوەی Mailbox.org دەدات کە کلیلەکانی OpenPGP بۆ هەژمارەکانی Mailbox.org بە ئاسانی بدۆزنەوە، تا ببێتە هۆی گونجاندن لەگەڵ دابینکەرانی تری E2EE. This only applies to email addresses ending in one of Mailbox.org's own domains, like @mailbox.org. If you use a custom domain, you must [configure WKD](./basics/email-security.md#what-is-the-web-key-directory-standard) separately.
@@ -157,9 +157,9 @@ Mailbox.org [شفرکردنی OpenPGP زیادکردووە](https://kb.mailbox.o
#### :material-information-outline:{ .pg-blue } کرداری زیادە
دەتوانیت هەژمێرەکەی Mailbox.org بەکاربێنی لەڕێگەی IMAP/SMTP بە بەکارهێنانی [خزمەتگوزاری ](https://kb.mailbox.org/display/MBOKBEN/The+Tor+exit+node+of+mailbox.org)onian. هەرچۆنێک بێت، ناتوانیت لە ڕێگەی ڕووکاری ماڵپەڕی پۆستەی ئەلکتڕۆنییەکەیان خزمەتگوزاری .onian بەکاربهێنیت وە لەوانەیە ڕووبەڕووی هەڵەی بڕوانامەی TLS ببیتەوە.
You can access your Mailbox.org account via IMAP/SMTP using their [.onion service](https://kb.mailbox.org/en/private/faq-article/the-tor-exit-node-of-mailbox-org). هەرچۆنێک بێت، ناتوانیت لە ڕێگەی ڕووکاری ماڵپەڕی پۆستەی ئەلکتڕۆنییەکەیان خزمەتگوزاری .onian بەکاربهێنیت وە لەوانەیە ڕووبەڕووی هەڵەی بڕوانامەی TLS ببیتەوە.
هەموو هەژمارەکانی کە هەورە کۆگایەکی سنوورداریان هەیە، [دەتوانرێت شفر بکرێن](https://kb.mailbox.org/display/MBOKBEN/Encrypt+files+on+your+Drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/display/MBOKBEN/Ensuring+E-Mails+are+Sent+Securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
All accounts come with limited cloud storage that [can be encrypted](https://kb.mailbox.org/en/private/drive-article/encrypt-files-on-your-drive). Mailbox.org also offers the alias [@secure.mailbox.org](https://kb.mailbox.org/en/private/e-mail-article/ensuring-e-mails-are-sent-securely), which enforces the TLS encryption on the connection between mail servers, otherwise the message will not be sent at all. Mailbox.org also supports [Exchange ActiveSync](https://en.wikipedia.org/wiki/Exchange_ActiveSync) in addition to standard access protocols like IMAP and POP3.
Mailbox.org has a digital legacy feature for all plans. You can choose whether you want any of your data to be passed to heirs providing that they apply and provide your testament. Alternatively, you can nominate a person by name and address.
@@ -185,18 +185,18 @@ These providers store your emails with zero-knowledge encryption, making them gr
[:octicons-eye-16:](https://tuta.com/privacy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://tuta.com/faq){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/tutao/tutanota){ .card-link title="Source Code" }
[:octicons-heart-16:](https://tuta.com/community/){ .card-link title=Contribute }
[:octicons-heart-16:](https://tuta.com/community){ .card-link title=Contribute }
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=de.tutao.tutanota)
- [:simple-appstore: App Store](https://apps.apple.com/app/tutanota/id922429609)
- [:simple-appstore: App Store](https://apps.apple.com/app/id922429609)
- [:simple-github: GitHub](https://github.com/tutao/tutanota/releases)
- [:simple-windows11: Windows](https://tuta.com/#download)
- [:simple-apple: macOS](https://tuta.com/#download)
- [:simple-linux: Linux](https://tuta.com/#download)
- [:octicons-browser-16: Web](https://app.tuta.com/)
- [:octicons-browser-16: Web](https://app.tuta.com)
</details>
@@ -206,7 +206,7 @@ Tuta doesn't support the [IMAP protocol](https://tuta.com/faq/#imap) or the use
#### :material-check:{ .pg-green } دۆمەینە تایبەتیەکان و نازناوەکان
Paid Tuta accounts can use either 15 or 30 aliases depending on their plan and unlimited aliases on [custom domains](https://tuta.com/faq#custom-domain). Tuta doesn't allow for [subaddressing (plus addresses)](https://tuta.com/faq#plus), but you can use a [catch-all](https://tuta.com/howto#settings-global) with a custom domain.
Paid Tuta accounts can use either 15 or 30 aliases depending on their plan and unlimited aliases on [custom domains](https://tuta.com/faq#custom-domain). Tuta doesn't allow for [sub-addressing (plus addresses)](https://tuta.com/faq#plus), but you can use a [catch-all](https://tuta.com/howto#settings-global) with a custom domain.
#### :material-information-outline:{ .pg-blue } Private Payment Methods
@@ -232,7 +232,7 @@ Tuta will [delete inactive free accounts](https://tuta.com/faq#inactive-accounts
Tuta offers the business version of [Tuta to non-profit organizations](https://tuta.com/blog/posts/secure-email-for-non-profit) for free or with a heavy discount.
Tuta also has a business feature called [Secure Connect](https://tuta.com/secure-connect/). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
Tuta also has a business feature called [Secure Connect](https://tuta.com/secure-connect). This ensures customer contact to the business uses E2EE. The feature costs €240/y.
Tuta doesn't offer a digital legacy feature.
@@ -284,14 +284,14 @@ Using an aliasing service requires trusting both your email provider and your al
- [:simple-android: Android](https://addy.io/faq/#is-there-an-android-app)
- [:material-apple-ios: iOS](https://addy.io/faq/#is-there-an-ios-app)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/addy_io/)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/addy_io)
- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/addyio-anonymous-email-fo/iadbdpnoknmbdeolbapdackdcogdmjpe)
</details>
</div>
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can create unlimited standard aliases (which end in a domain like @[username].addy.io or a custom domain on paid plans), however, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit/) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can create unlimited standard aliases (which end in a domain like @[username].addy.io or a custom domain on paid plans), however, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
Notable free features:
@@ -310,8 +310,8 @@ Notable free features:
**SimpleLogin** is a free service which provides email aliases on a variety of shared domain names, and optionally provides paid features like unlimited aliases and custom domains.
[:octicons-home-16: Homepage](https://simplelogin.io){ .md-button .md-button--primary }
[:octicons-eye-16:](https://simplelogin.io/privacy/){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://simplelogin.io/docs/){ .card-link title=Documentation}
[:octicons-eye-16:](https://simplelogin.io/privacy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://simplelogin.io/docs){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/simple-login){ .card-link title="Source Code" }
<details class="downloads" markdown>
@@ -320,16 +320,16 @@ Notable free features:
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=io.simplelogin.android)
- [:simple-appstore: App Store](https://apps.apple.com/app/id1494359858)
- [:simple-github: GitHub](https://github.com/simple-login/Simple-Login-Android/releases)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/simplelogin/)
- [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/simplelogin)
- [:simple-googlechrome: Chrome](https://chrome.google.com/webstore/detail/dphilobhebphkdjbpfohgikllaljmgbn)
- [:simple-microsoftedge: Edge](https://microsoftedge.microsoft.com/addons/detail/simpleloginreceive-sen/diacfpipniklenphgljfkmhinphjlfff)
- [:simple-safari: Safari](https://apps.apple.com/app/id1494051017)
- [:simple-safari: Safari](https://apps.apple.com/app/id6475835429)
</details>
</div>
SimpleLogin was [acquired by Proton AG](https://proton.me/news/proton-and-simplelogin-join-forces) as of April 8, 2022. If you use Proton Mail for your primary mailbox, SimpleLogin is a great choice. As both products are now owned by the same company you now only have to trust a single entity. We also expect that SimpleLogin will be more tightly integrated with Proton's offerings in the future. SimpleLogin continues to support forwarding to any email provider of your choosing. Securitum [audited](https://simplelogin.io/blog/security-audit/) SimpleLogin in early 2022 and all issues [were addressed](https://simplelogin.io/audit2022/web.pdf).
SimpleLogin was [acquired by Proton AG](https://proton.me/news/proton-and-simplelogin-join-forces) as of April 8, 2022. If you use Proton Mail for your primary mailbox, SimpleLogin is a great choice. As both products are now owned by the same company you now only have to trust a single entity. We also expect that SimpleLogin will be more tightly integrated with Proton's offerings in the future. SimpleLogin continues to support forwarding to any email provider of your choosing. Securitum [audited](https://simplelogin.io/blog/security-audit) SimpleLogin in early 2022 and all issues [were addressed](https://simplelogin.io/audit2022/web.pdf).
You can link your SimpleLogin account in the settings with your Proton account. If you have the Proton Unlimited, Business, or Visionary Plan, you will have SimpleLogin Premium for free.
@@ -352,9 +352,9 @@ Advanced system administrators may consider setting up their own email server. M
**Mailcow** is a more advanced mail server perfect for those with a bit more Linux experience. It has everything you need in a Docker container: A mail server with DKIM support, antivirus and spam monitoring, webmail and ActiveSync with SOGo, and web-based administration with 2FA support.
[:octicons-home-16: Homepage](https://mailcow.email){ .md-button .md-button--primary }
[:octicons-info-16:](https://mailcow.github.io/mailcow-dockerized-docs/){ .card-link title=Documentation}
[:octicons-info-16:](https://docs.mailcow.email){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/mailcow/mailcow-dockerized){ .card-link title="Source Code" }
[:octicons-heart-16:](https://www.servercow.de/mailcow?lang=en#sal){ .card-link title=Contribute }
[:octicons-heart-16:](https://servercow.de/mailcow?lang=en#sal){ .card-link title=Contribute }
</div>
@@ -372,8 +372,8 @@ Advanced system administrators may consider setting up their own email server. M
For a more manual approach we've picked out these two articles:
- [Setting up a mail server with OpenSMTPD, Dovecot and Rspamd](https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/) (2019)
- [How To Run Your Own Mail Server](https://www.c0ffee.net/blog/mail-server-guide/) (August 2017)
- [Setting up a mail server with OpenSMTPD, Dovecot and Rspamd](https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd) (2019)
- [How To Run Your Own Mail Server](https://c0ffee.net/blog/mail-server-guide) (August 2017)
## Criteria
@@ -386,7 +386,7 @@ We regard these features as important in order to provide a safe and optimal ser
**Minimum to Qualify:**
- Encrypts email account data at rest with zero-access encryption.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .eml with [RFC5322](https://datatracker.ietf.org/doc/rfc5322/) standard.
- Export capability as [Mbox](https://en.wikipedia.org/wiki/Mbox) or individual .eml with [RFC5322](https://datatracker.ietf.org/doc/rfc5322) standard.
- Allow users to use their own [domain name](https://en.wikipedia.org/wiki/Domain_name). Custom domain names are important to users because it allows them to maintain their agency from the service, should it turn bad or be acquired by another company which doesn't prioritize privacy.
- Operates on owned infrastructure, i.e. not built upon third-party email service providers.
@@ -397,7 +397,7 @@ We regard these features as important in order to provide a safe and optimal ser
- Support for [WKD](https://wiki.gnupg.org/WKD) to allow improved discovery of public OpenPGP keys via HTTP. GnuPG users can get a key by typing: `gpg --locate-key example_user@example.com`
- Support for a temporary mailbox for external users. This is useful when you want to send an encrypted email, without sending an actual copy to your recipient. These emails usually have a limited lifespan and then are automatically deleted. They also don't require the recipient to configure any cryptography like OpenPGP.
- Availability of the email provider's services via an [onion service](https://en.wikipedia.org/wiki/.onion).
- [Subaddressing](https://en.wikipedia.org/wiki/Email_address#Subaddressing) support.
- [Sub-addressing](https://en.wikipedia.org/wiki/Email_address#Sub-addressing) support.
- Catch-all or alias functionality for those who own their own domains.
- Use of standard email access protocols such as IMAP, SMTP or [JMAP](https://en.wikipedia.org/wiki/JSON_Meta_Application_Protocol). Standard access protocols ensure customers can easily download all of their email, should they want to switch to another provider.
@@ -425,13 +425,13 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
- Protection of webmail with 2FA, such as TOTP.
- Zero access encryption, builds on encryption at rest. The provider does not have the decryption keys to the data they hold. This prevents a rogue employee leaking data they have access to or remote adversary from releasing data they have stolen by gaining unauthorized access to the server.
- [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) support.
- No TLS errors or vulnerabilities when being profiled by tools such as [Hardenize](https://www.hardenize.com/), [testssl.sh](https://testssl.sh/), or [Qualys SSL Labs](https://www.ssllabs.com/ssltest); this includes certificate related errors and weak DH parameters, such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
- No TLS errors or vulnerabilities when being profiled by tools such as [Hardenize](https://hardenize.com), [testssl.sh](https://testssl.sh), or [Qualys SSL Labs](https://ssllabs.com/ssltest); this includes certificate related errors and weak DH parameters, such as those that led to [Logjam](https://en.wikipedia.org/wiki/Logjam_(computer_security)).
- A server suite preference (optional on TLSv1.3) for strong cipher suites which support forward secrecy and authenticated encryption.
- A valid [MTA-STS](https://tools.ietf.org/html/rfc8461) and [TLS-RPT](https://tools.ietf.org/html/rfc8460) policy.
- Valid [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) records.
- Valid [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) and [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) records.
- Have a proper [DMARC](https://en.wikipedia.org/wiki/DMARC) record and policy or use [ARC](https://en.wikipedia.org/wiki/Authenticated_Received_Chain) for authentication. If DMARC authentication is being used, the policy must be set to `reject` or `quarantine`.
- A server suite preference of TLS 1.2 or later and a plan for [RFC8996](https://datatracker.ietf.org/doc/rfc8996/).
- A server suite preference of TLS 1.2 or later and a plan for [RFC8996](https://datatracker.ietf.org/doc/rfc8996).
- [SMTPS](https://en.wikipedia.org/wiki/SMTPS) submission, assuming SMTP is used.
- Website security standards such as:
- [HTTP Strict Transport Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
@@ -446,7 +446,7 @@ Email servers deal with a lot of very sensitive data. We expect that providers w
- Bug-bounty programs and/or a coordinated vulnerability-disclosure process.
- Website security standards such as:
- [Content Security Policy (CSP)](https://en.wikipedia.org/wiki/Content_Security_Policy)
- [RFC9163 Expect-CT](https://datatracker.ietf.org/doc/rfc9163/)
- [RFC9163 Expect-CT](https://datatracker.ietf.org/doc/rfc9163)
### Trust