Add Email Security

[0xAnalyst]

https://github.com/0xAnalyst/awesome-email-security#readme

[A curated list for email security explaining protocols, best practices, file extensions to block and wordlists to check for when looking for email attacks]

By submitting this pull request I confirm I've read and complied with the below requirements 🖖

Please read it multiple times. I spent a lot of time on these guidelines and most people miss a lot.

Requirements for your pull request

• [✅ ] Don't open a Draft / WIP pull request while you work on the guidelines. A pull request should be 100% ready and should adhere to all the guidelines when you open it. Instead use #2242 for incubation visibility.
• [ ✅ ] Don't waste my time. Do a good job, adhere to all the guidelines, and be responsive.
• [ ✅ ] You have to review at least 2 other open pull requests.
• Add Microsoft Azure Architecture #3029
• Add Pentest Cheat Sheets #3068
  Try to prioritize unreviewed PRs, but you can also add more comments to reviewed PRs. Go through the below list when reviewing. This requirement is meant to help make the Awesome project self-sustaining. Comment here which PRs you reviewed. You're expected to put a good effort into this and to be thorough. Look at previous PR reviews for inspiration. Just commenting “looks good” or simply marking the pull request as approved does not count! You have to actually point out mistakes or improvement suggestions. Comments pointing out lint violation are allowed, but does not count as a review.
• [✅ ] You have read and understood the instructions for creating a list.
• [ ✅ ] This pull request has a title in the format Add Name of List. It should not contain the word Awesome.
  • ✅ Add Swift
  • ✅ Add Software Architecture
  • ❌ Update readme.md
  • ❌ Add Awesome Swift
  • ❌ Add swift
  • ❌ add Swift
  • ❌ Adding Swift
  • ❌ Added Swift
• [✅ ] Your entry here should include a short description of the project/theme of the list. It should not describe the list itself. The first character should be uppercase and the description should end in a dot. It should be an objective description and not a tagline or marketing blurb. It should not contain the name of the list.
  • ✅ - [iOS](…) - Mobile operating system for Apple phones and tablets.
  • ✅ - [Framer](…) - Prototyping interactive UI designs.
  • ❌ - [iOS](…) - Resources and tools for iOS development.
  • ❌ - [Framer](…)
  • ❌ - [Framer](…) - prototyping interactive UI designs
• [ ✅ ] Your entry should be added at the bottom of the appropriate category.
• [ ✅ ] The title of your entry should be title-cased and the URL to your list should end in #readme.
  • Example: - [Software Architecture](https://github.com/simskij/awesome-software-architecture#readme) - The discipline of designing and building software.
• [✅ ] No blockchain-related lists.
• The suggested Awesome list complies with the below requirements.

Requirements for your Awesome list

• [ ✅ ] Has been around for at least 30 days.
  That means 30 days from either the first real commit or when it was open-sourced. Whatever is most recent.
• [✅ ] Run awesome-lint on your list and fix the reported issues. If there are false-positives or things that cannot/shouldn't be fixed, please report it.
• The default branch should be named main, not master.
• [ ✅ ] Includes a succinct description of the project/theme at the top of the readme. (Example)
  • ✅ Mobile operating system for Apple phones and tablets.
  • ✅ Prototyping interactive UI designs.
  • ❌ Resources and tools for iOS development.
  • ❌ Awesome Framer packages and tools.
• [ ]✅ It's the result of hard work and the best I could possibly produce.
  If you have not put in considerable effort into your list, your pull request will be immediately closed.
• [ ✅ ] The repo name of your list should be in lowercase slug format: awesome-name-of-list.
  • ✅ awesome-swift
  • ✅ awesome-web-typography
  • ❌ awesome-Swift
  • ❌ AwesomeWebTypography
• [ ✅ ] The heading title of your list should be in title case format: # Awesome Name of List.
  • ✅ # Awesome Swift
  • ✅ # Awesome Web Typography
  • ❌ # awesome-swift
  • ❌ # AwesomeSwift
• [ ✅ ] Non-generated Markdown file in a GitHub repo.
• [✅ ] The repo should have awesome-list & awesome as GitHub topics. I encourage you to add more relevant topics.
• [✅ ] Not a duplicate. Please search for existing submissions.
• [✅ ] Only has awesome items. Awesome lists are curations of the best, not everything.
• Does not contain items that are unmaintained, has archived repo, deprecated, or missing docs. If you really need to include such items, they should be in a separate Markdown file.
• [ ✅ ] Includes a project logo/illustration whenever possible.
  • Either centered, fullwidth, or placed at the top-right of the readme. (Example)
  • The image should link to the project website or any relevant website.
  • The image should be high-DPI. Set it to a maximum of half the width of the original image.
  • Don't include both a title saying Awesome X and a logo with Awesome X. You can put the header image in a # (Markdown header) or <h1>.
• [✅ ] Entries have a description, unless the title is descriptive enough by itself. It rarely is though.
• [ ✅ ] Includes the Awesome badge.
  • Should be placed on the right side of the readme heading.
    • Can be placed centered if the list has a centered graphics header.
  • Should link back to this list.
• [ ✅ ] Has a Table of Contents section.
  • Should be named Contents, not Table of Contents.
  • Should be the first section in the list.
  • Should only have one level of nested lists, preferably none.
  • Must not feature Contributing or Footnotes sections.
• [✅ ] Has an appropriate license.
  • We strongly recommend the CC0 license, but any Creative Commons license will work.
    • Tip: You can quickly add it to your repo by going to this URL: https://github.com/<user>/<repo>/community/license/new?branch=main&template=cc0-1.0 (replace <user> and <repo> accordingly).
  • A code license like MIT, BSD, Apache, GPL, etc, is not acceptable. Neither are WTFPL and Unlicense.
  • Place a file named license or LICENSE in the repo root with the license text.
  • Do not add the license name, text, or a Licence section to the readme. GitHub already shows the license name and link to the full text at the top of the repo.
  • To verify that you've read all the guidelines, please comment on your pull request with just the word unicorn.
• [✅ ] Has contribution guidelines.
  • The file should be named contributing.md. The casing is up to you.
  • It can optionally be linked from the readme in a dedicated section titled Contributing, positioned at the top or bottom of the main content.
  • The section should not appear in the Table of Contents.
• [✅ ] All non-important but necessary content (like extra copyright notices, hyperlinks to sources, pointers to expansive content, etc) should be grouped in a Footnotes section at the bottom of the readme. The section should not be present in the Table of Contents.
• [ ✅ ] Has consistent formatting and proper spelling/grammar.
  • The link and description are separated by a dash.
    Example: - [AVA](…) - JavaScript test runner.
  • The description starts with an uppercase character and ends with a period.
  • Consistent and correct naming. For example, Node.js, not NodeJS or node.js.
• [ ✅ ] Does not use hard-wrapping.
• [ ✅ ] Does not include a CI (e.g. GitHub Actions) badge.
  You can still use a CI for linting, but the badge has no value in the readme.
• [ ]✅ Does not include an Inspired by awesome-foo or Inspired by the Awesome project kinda link at the top of the readme. The Awesome badge is enough.

Go to the top and read it again.

[lutzh]

Certainly an interesting topic. I feel it addresses two very different groups of people though - e-mail users (in terms of encryption, e.g. mime certificates), and e-mail administrators / server operators.
As an improvement, I'd suggest

• separate it more clearly into sections for admins and users
• in the users section, have more hands-on advice, e.g. not just info about s/mime, but how to set it up in popular e-mail clients.

Or make the list more focussed, e.g. for admins only.

[sindresorhus]

Thanks for making an Awesome list! 🙌

It looks like you didn't read the guidelines closely enough. I noticed multiple things that are not followed. Try going through the list point for point to ensure you follow it. I spent a lot of time creating the guidelines so I wouldn't have to comment on common mistakes, and rather spend my time improving Awesome.

[0xAnalyst]

Certainly an interesting topic. I feel it addresses two very different groups of people though - e-mail users (in terms of encryption, e.g. mime certificates), and e-mail administrators / server operators. As an improvement, I'd suggest

• separate it more clearly into sections for admins and users
• in the users section, have more hands-on advice, e.g. not just info about s/mime, but how to set it up in popular e-mail clients.

Or make the list more focussed, e.g. for admins only.

This is for security engineers and not normal email users

[0xAnalyst]

Thanks for making an Awesome list! 🙌

It looks like you didn't read the guidelines closely enough. I noticed multiple things that are not followed. Try going through the list point for point to ensure you follow it. I spent a lot of time creating the guidelines so I wouldn't have to comment on common mistakes, and rather spend my time improving Awesome.

I made a mistake for the old pull request and set it to a different branch that is why I opened this new one. this is compliant

[0xAnalyst]

Thanks for making an Awesome list! 🙌
It looks like you didn't read the guidelines closely enough. I noticed multiple things that are not followed. Try going through the list point for point to ensure you follow it. I spent a lot of time creating the guidelines so I wouldn't have to comment on common mistakes, and rather spend my time improving Awesome.

I made a mistake for the old pull request and set it to a different branch that is why I opened this new one. this is compliant

This was the old pull request
#3095

[MaxGripe]

I like this list. Perhaps it would be worth adding Proton Mail to the commercial section? Or maybe it's not considered "secure enough" according to experts? :)

[0xAnalyst]

I like this list. Perhaps it would be worth adding Proton Mail to the commercial section? Or maybe it's not considered "secure enough" according to experts? :)

what parts of Protonmail need to be added? it is about protocols for email security and not email providers?

[MaxGripe]

I'm sorry, I thought the thematic scope of this list was a bit broader. My mistake :)

[michaelbrusegard]

A code license like MIT, BSD, Apache, GPL, etc, is not acceptable. Neither are WTFPL and Unlicense.

You are using the Apache License, should probably change this!