Domain authentication
SPF, DKIM, DMARC, PTR, and hostname checks are used to protect sending identity and reduce spoofing risk.
KasaPost is owned and managed by KasaBase, a Dallas, Texas based company. We focus on authenticated sending, encrypted access, account controls, abuse prevention, monitoring, and recoverability.
SPF, DKIM, DMARC, PTR, and hostname checks are used to protect sending identity and reduce spoofing risk.
The public website and control center use HTTPS. SMTP authentication requires TLS, and mail clients should use secure IMAP and submission ports.
MTA-STS and TLS reporting are prepared so receiving mail can require encrypted server-to-server transport once DNS is published.
Admin access is separated from mailbox use. Strong passwords and two-factor authentication are recommended for all operators.
Transactional API keys can be scoped, rotated, revoked, logged, and limited by tenant and domain reputation policy.
Suppression lists, support intake, rate limits, warmup holds, DMARC report parsing, and blocklist monitoring help reduce harmful mail.
Backup readiness checks are tracked. Full clean-server restore drills should be performed before larger production scale.
Security issues should be reported to security@kasapost.com with enough detail to reproduce or investigate the issue.
Independent security review, formal compliance artifacts, SSO options, and public incident history are future maturity items.