Stefan Sturm | NoSpamProxy

About Stefan Sturm

This author has yet to write their bio.
Meanwhile lets just say that we are proud Stefan Sturm contributed a whooping 358 entries.

Entries by Stefan Sturm

25Reports, All Topics, News, NoSpamProxy Cloud, NoSpamProxy Protection

Getting DKIM Right: The Key to Secure Email Communication

Emails end up in the customer’s spam folder or get rejected, but why? DKIM is configured, SPF is set up, and DMARC is running. Everything was green in the last check, six months ago. After all, DKIM is supposed to ensure that emails are cryptographically signed and that neither the sender nor the content can be tampered with. This scenario is not an isolated case, but rather the result of treating DKIM as a one-time task rather than an ongoing one. In this blog post, you’ll learn what’s important when using DKIM and what common mistakes you should avoid when setting up and maintaining DKIM.

18.05.2026 by Stefan Sturm

All Topics, News, NoSpamProxy Cloud, NoSpamProxy Protection

The Underestimated Risks of Spam and Quarantine Folders

In many companies, email quarantine is considered a standard component of IT security. What may seem like a sensible protective measure at first glance actually entails significant legal risks in practice. A ruling by the Federal Court of Justice makes it clear that companies should reassess the consequences of email quarantine.

05.05.2026 by Stefan Sturm

25Reports, 32Guards, All Topics, News, NoSpamProxy Cloud, NoSpamProxy Disclaimer, NoSpamProxy Encryption, NospamProxy Large Files, NoSpamProxy Protection, Product

Why IT service providers use NoSpamProxy to strategically strengthen their portfolio

Your customers are under attack every day: with spoofed sender domains, authentic-looking phishing attempts, malicious attachments and AI-generated text that even experienced employees can no longer distinguish from genuine corporate communications. Email is and remains the preferred entry point for cybercriminals. The question isn’t whether your customer will be affected, but when. You are responsible for the security and satisfaction of your customers and for the quality of your recommendations. That is exactly why it’s worth taking a closer look at NoSpamProxy.

23.04.2026 by Stefan Sturm

25Reports, 32Guards, All Topics, NoSpamProxy Cloud, NoSpamProxy Protection

ZIP bombs: big trouble in a small package

Imagine this: You receive an email with a seemingly harmless ZIP file attached, just a few kilobytes in size. Your system begins to unzip the file, and crashes. What follows is a system failure, wasted storage space, or, in the worst case, a gateway for further malicious code. The cause is a ZIP bomb, detonating within your IT infrastructure. In this blog post, we explain what ZIP bombs are, how they overload systems through extreme data compression and serve as a distraction for attacks, what variants exist, and how to effectively protect against them using multi-layered security mechanisms like NoSpamProxy.

13.04.2026 by Stefan Sturm

25Reports, 32Guards, All Topics, NoSpamProxy Cloud, NoSpamProxy Disclaimer, NoSpamProxy Encryption, NospamProxy Large Files, NoSpamProxy Protection, Product

NoSpamProxy: The Right Choice for Enterprise Environments

CEO fraud, phishing, ransomware via infected attachments: Email remains the preferred entry point for attackers. In enterprise environments, the risk is magnified: more mailboxes, more locations, more entry points. And the attacks are becoming more sophisticated. AI-generated text, spoofed sender domains, context-specific attempts at deception – what used to be recognizable by poor spelling is now almost indistinguishable from a genuine sender. Enterprise organizations with hundreds or thousands of mailboxes, complex IT landscapes, and strict compliance requirements have unique needs. This is where NoSpamProxy comes in.

31.03.2026 by Stefan Sturm

All Topics, NoSpamProxy Cloud, NoSpamProxy Disclaimer, NoSpamProxy Encryption, NospamProxy Large Files, Product

NoSpamProxy Server and NoSpamProxy Cloud: Differences and Tips for Switching

NoSpamProxy Server has proven itself over the years as a reliable on-premises solution for email security. Many companies have been using the solution for a long time—and for good reason: control over their own infrastructure, the ability to customize configurations, and independence from external services are compelling arguments for on-premises operation. But the IT landscape is changing—and cloud solutions are increasingly coming to the forefront. NoSpamProxy Cloud offers a compelling alternative to on-premises operation with NoSpamProxy Server. Both versions are developed on a shared codebase. Those who switch will find a familiar environment on the other side. In this article, we highlight the key differences between NoSpamProxy Server and NoSpamProxy Cloud—and explain how to successfully transition to the cloud step by step.

16.03.2026 by Stefan Sturm

25Reports, All Topics, NoSpamProxy Cloud, NoSpamProxy Protection

When invoices become a trap: Invoice fraud and what you can do about it

An accountant opens her mailbox in the morning. There is an email from her long-standing IT service provider – with an invoice for €14,800 attached. The IBAN looks strange, but a short note in the document explains: “Please note our new bank details.” She transfers the amount. Three weeks later, the real supplier sends the first reminder for the invoice – because the money was transferred to the wrong account. To an account abroad. The money is gone, irretrievably. Scenarios like this play out every day in companies around the world. This type of attack has a name: invoice fraud, a sub-form of what is known as Business Email Compromise (BEC). What is often overlooked is that there are always two victims. The recipient who transfers the money and the company whose identity was misused for the attack – and which may not even notice.

24.02.2026 by Stefan Sturm

All Topics, News, NoSpamProxy Cloud, NoSpamProxy Encryption, Tech & Support

End of TLS Client Authentication Certificates

Effective immediately, public CAs (certification authorities) are no longer permitted to use the Extended Key Usages (EKU) id-kp-clientAuth and id-kp-serverAuth simultaneously in TLS certificates. Those who do not comply with this rule will no longer be included in the Chrome Root Program and will therefore no longer appear in the Trust Store. We provide information about who is affected and what you should do now.

19.02.2026 by Stefan Sturm