Open Menu

Security Requirements

To enhance the security, stability and resiliency of all sites and services in .POST, all Registrants are contractually required to follow the technical security requirements set out below. These requirements are proactively monitored by the UPU as part of the .POST Compliance Program.

REQUIREMENT DESCRIPTION BENEFIT
Registrant Verification All Registrants are verified to confirm their identity and organization, and that they are qualified to register .POST domains
Reduces the potential for cybersquatting and other illegal activity, since only genuine community members will be eligible to register a domain.
 
Domain Verification Each request to registration a .POST domain is verified to ensure that the domain is available for registration by the Registrant Reduces the potential for cybersquatting and other illegal activity
DNSSEC
Mandatory deployment of Domain Name System Security Extensions across all .POST domains
 Minimizes potential for “man in middle” attacks by requiring all DNS traffic to be encrypted
Multi-Factor Authentication Mandatory use of multi-factor authentication for access to both the Registry and Registrar systems Minimizes potential unauthorized access to registrations systems, reducing the likelihood of hijacked or redirected domains 
Heightened TLS Mandatory use of TLS 1.2 or greater where possible Eliminates potential threat vectors associated with outdate browsers
HTTPS/SSL All .POST domain registrant need to obtain a digital certificate.  Will ensure that the .POST resolves to HTTPS, and all data is secured in transit 
Proactive Compliance Verification The UPU engages an external third-party security service to regularly monitor Registrants’ compliance with key security requirements/metrics Quick identification and remediation of potential security threats to minimize the risk of them being exploited.
Email Authentication
.POST domain registrants are required to publish in the DNS a text record:
1) Domain-based Message Authentication Reporting and Conformance (DMARC) record;
2) Sender Policy Framework (SPF) and/or DomainKeys Identified Mail (DKIM) records when the domain name is used for email
 DMARC helps minimize phishing and spoofing attack vectors and,  when used in conjunction with DMARC and DKIM,  increase the deliverability of email associated with that domain.

 

What's new from .POST

Featured

Spotlight

UPU Addressing

Post*Code API is a new address look-up application available to postal users and IT developers via the “address.post”.

Read more

Spotlight

La Poste Maroc / Pan African Postal Union

Une plateforme de vente en ligne de produits philatéliques des pays africains.

Read more

Spotlight

La Poste Maroc / Pan African Postal Union

Africa Philately Shop is an online platform for the sale of African philatelic products.

Read more

Spotlight

Tanzania Posts Corporation

Marketing and sales of Philatelic stamps and related products from Tanzania Post.

Read more

Spotlight

Correo Uruguayo - Philatelic Store

International window for Correo Uruguayo’s philatelic products.

Read more

Container

Video

Cosimo Birtolo discusses "How .POST increases online branding & visibility of postal services"

Container

Video

About .POST

Blog

A Space with High Potential

In the physical world, Posts offer a range of services that come with recognized value features. Now, Posts are looking to transfer these values to equivalent e-services.

Read more
More From the Newsroom