Valimail Industry Leadership

Our commitment to restoring email trust.

With deep expertise in internet security and resilient infrastructure, the Valimail team regularly contributes to standards and threat detection communities — driving today’s email authentication policies and tomorrow’s cybersecurity advancements. We have a corporate commitment to lifting up the messaging industry as a whole and working collaboratively with partners throughout the ecosystem to restore trust to email.

We participate in several organizations working to make a difference.

We write and maintain open source code used by the largest mailbox providers (like Oath/Yahoo!) and make our contributions available to all, fixing issues in an accessible, scalable, global way.

We contribute to the protocols that continue to advance email and make it better for everyone.

Our contribution

  • Messaging Malware Mobile Anti-Abuse Working Group
    Board Member Technical Committee Co-Chair Collaboration Committee Co-Chair

    M3AAWG is where the industry comes together to work against botnets, malware, spam, viruses, DoS attacks and other online exploitation.

    Visite website
  • Information Technology – Information Sharing and Analysis Center
    Member

    The IT-ISAC mission is to grow a diverse community of companies that leverage information technology and have in common a commitment to cyber-security; to serve as a force multiplier that enables collaboration and sharing of relevant, actionable cyber threat information and effective security policies and practices for the benefit of all.

    Visite website
  • Internet Engineering Task Force
    Secretary of IETF DMARC working group, contributor

    IETF is the premier Internet standards body, developing open standards through open processes.

    Visite website
  • AuthIndicators Working Group
    Chair

    AuthIndicators Working Group works to create a richer, more trustworthy inbox experience for all email users worldwide while increasing the use of authentication to reduce email fraud and is the creator of the Brand Indicators for Message Identification (BIMI) standard.

    Visite website
  • Anti-Phishing Working Group
    Contributor

    APWG is an international coalition unifying the global response to cybercrime across industry, government and law-enforcement sectors, and NGO communities.

    Visite website
  • Internet Society
    Member

    ISOC provides an organizational home and financial support for the Internet standards evolution process.

    Visite website
  • Online Trust Alliance
    Member

    OTA is an initiative within the Internet Society (ISOC), a global non-profit with the mission to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world.

    Visite website
  • Global Cyber Alliance
    Member

    GCA is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

    Visite website
  • Certified Senders Alliance
    Member

    CSA acts as a neutral interface between mailbox providers and senders of commercial emails.

    Visite website
  • Trusted Domain Project
    Contributor

    The TDP produces open source products and open standards in support of improving trust in the use of domain names.

    Visite website
  • Dmarc.org
    Member

    DMARC.org promotes the use of DMARC and related email authentication technologies to reduce fraudulent email, in a way that can be sustained at Internet scale.

    Visite website
  • Financial Services Information Sharing and Analysis Center
    Member

    FS-ISAC is the only industry forum for collaboration on critical security threats facing the global financial services sector.

    Visite website
  • Health Information Sharing and Analysis Center
    Navigator

    H-ISAC is a global, non-profit, member-driven organization offering health care stakeholders a trusted community and forum for coordinating, collaborating and sharing vital Physical and Cyber Threat Intelligence and best practices with each other.

    Visite website
  • Center for Internet Security
    Member

    CIS harnesses the power of a global IT community to safeguard public and private organizations against cyber threats.

    Visite website
  • Automotive Information Sharing and Analysis Center
    Member

    AUTO-ISAC is an industry-driven community to share and analyze intelligence about emerging cybersecurity risks to the vehicle, and to collectively enhance vehicle cybersecurity capabilities across the global automotive industry, including light- and heavy-duty vehicle OEMs, suppliers and the commercial vehicle sector.

    Visite website
  • Retail and Hospitality Information Sharing and Analysis Center
    Member

    This association connects information security teams at the strategic, operational and tactical levels to work together on issues and challenges, to share practices and insights, and to benchmark among each other – all with the goal of building better security for the retail and hospitality industries through collaboration.

    Visite website
  • DNSAdapter

    DNSAdapter contains a set of useful adapter classes that present a common set of return types and errors for DNS services. This adapter layer makes it simple to swap in different DNS providers and was written by Valimail.

    Visite website
  • Postshift

    Created and maintained by Valimail, Postshiftprovides an Amazon Redshift extension for ActiveRecord 5 (Rails 5) PostgreSQL adapter based off of the existing activerecord5-redshift-adapter.

    Visite website
  • Mailman ARC patch

    Valimail built the Mailman ARC patch, which provides ARC functionality for Mailman 3. Mailman is one of the most widely deployed mailing list management software in the world.

    Visite website
  • OpenDMARC

    Valimail maintains OpenDMARC and contributes code to support the evaluation and reporting of ARC. OpenDMARC is a community effort to develop and maintain an open source package for providing DMARC report generation and policy enforcement services.

    Visite website
  • OpenDKIM

    OpenDKIM is maintained by Valimail. We contribute code to support the evaluation and reporting of ARC to this TDP software that supports 100’s of millions of mailboxes.

    Visite website
  • devise-secure_password

    Valimail wrote this password policy enforcement extension for devise-gem, which is a flexible authentication solution for Rails based on Warden.

    Visite website
  • Coppertone

    Coppertone, written and maintained by Valimail, provides a Sender Policy Framework (SPF) toolkit for Ruby and includes tools for parsing SPF DNS records, evaluating the result of SPF checks for received emails, and creating appropriate email headers from the SPF result.

    Visite website
  • Authentication Headers

    Authentication Headers, written and maintained by Valimail, is a Python library for the generation of email authentication headers. The library can perform DKIM, SPF, DMARC, and ARC validation and generate and affix the corresponding headers.

    Visite website
  • Sympa

    Sympa is an electronic mailing list manager used to automate list management functions such as subscription, moderation and management of archives.

    Visite website
  • ARC test suite

    Written by Valimail, the ARC Test Suite is an informal schema for the open source test suites for the Authenticated Received Chain(ARC)protocol, illustrated with examples

    Visite website
  • OpenARC

    OpenARC is a community effort to develop and maintain an open source library for producing ARC-aware applications, and a “milter”-based filter for providing ARC service. Valimail has contributed, tested, and managed the completion of this project.

    Visite website
  • Mail::DKIM

    Valimail contributed code that supports ARC within Mail::DKIM, which implements the various components of the DKIM and DomainKeys message-signing and verifying standards for Internet mail.

    Visite website
  • dkimpy

    dkimpy is a Python module that implements DKIM (DomainKeys Identified Mail) email signing and verification. It also provides helper scripts for command line signing and verification. Valimail contributions support ARC functionality and bug fixes as the standard evolves.

    Visite website
  • Dalli

    Dalli is high performance, pure Ruby client for accessing memcached servers and is maintained by Valimail.

    Visite website
  • DKIM

    DomainKeys Identified Mail (DKIM CRypto UPdate) working group is chartered to update DomainKeys Identified Mail (DKIM, RFC 6376) to handle more modern cryptographic algorithms and key sizes. As shepherds of DCRUP (RFC 8301), Valimail played a key role in the publishing and availability of this standard. We advocate for cryptographic updates that make DKIM stronger.

    Visite website
  • ARC

    The Authenticated Received Chain (ARC) protocol allows Internet Mail Handlers to attach assertions of message authentication state to individual messages. As messages traverse ARC-enabled Internet Mail Handlers, additional ARC assertions can be attached to messages to form ordered sets of ARC assertions that represent authentication state along each step of message handling paths. Valimail and Google are two of the editors of the ARC specification. Together, we are working to build ARC as a supplemental but crucial piece of the current DMARC standard.

    Visite website