The Kalenfy blog
Security, in plain English
Guides on SPF · DMARC · DNSSEC & more — then scan your site free
Fixes & troubleshooting
27 June 2026
How to Redirect HTTP to HTTPS (Force HTTPS)
Stop the 'Not secure' warning by forcing every visitor onto HTTPS. Here's how to redirect HTTP to HTTPS on Apache, Nginx and Cloudflare — and lock it in with HSTS. Free check.
Guides & checklists
27 June 2026
What Are HTTP Security Headers? (HSTS, CSP & More)
HTTP security headers tell browsers how to protect your visitors — blocking clickjacking, mixed content and more. Here's what each one does and how to add them. Free scan included.
DNS & domain security
27 June 2026
DNS Records Explained: A, CNAME, MX, TXT & More
A plain-English guide to DNS records — A, AAAA, CNAME, MX, TXT, NS and the security ones (CAA, DNSSEC). What each does, with a free scan to check your domain's setup.
Email authentication
27 June 2026
How to Create a DMARC Record (with Examples)
A plain-English guide to creating a DMARC record: every tag explained, copy-paste examples for starting out, enforcement and parked domains, and a free check of your result.
Guides & checklists
27 June 2026
How to Improve Email Deliverability
Reach the inbox, not spam. A practical guide to email deliverability — authentication, domain reputation, list hygiene and content — starting with a free check of your setup.
Email authentication
27 June 2026
How to Read DMARC Reports (RUA)
DMARC aggregate (RUA) reports arrive as unreadable XML. Here's what's actually in them, how to read the key fields, what to look for, and how to act on what you find.
Fixes & troubleshooting
27 June 2026
SPF ~all vs -all: Soft Fail vs Hard Fail
What's the difference between ~all and -all in an SPF record? Here's soft fail vs hard fail in plain English, which to use, and why the wrong one leaves you spoofable. Free check.
Email authentication
27 June 2026
Is My Domain Spoofable? (Free Spoofing Test)
Find out in seconds whether someone can send email pretending to be your domain. A free spoofing test that checks your SPF, DKIM and DMARC — and how to lock it down.
Guides & checklists
27 June 2026
Email Security & Compliance: What's Actually Required
Is DMARC required? What do GDPR, PCI and Google/Yahoo actually demand for email security? Here's what compliance really means for your domain — and how to prove you meet it.
DNS & domain security
27 June 2026
How to Set Up MTA-STS (Encrypt Inbound Mail)
MTA-STS forces inbound email to your domain over encrypted TLS, blocking downgrade attacks. Here's what it is, how to set up the policy and TLS-RPT, and how to check it free.