A Comparitech analysis of email security across 5,849 domains highlights significant vulnerabilities in the government and healthcare sectors, which scored poorly on essential email authentication protocols (SPF, DMARC, DKIM, MTA-STS). Government domains averaged 2.73 out of 8, with 27% lacking any protections. Healthcare domains fared slightly better at 3.43, yet 19% had no protections. Technology companies ranked highest with an average score of 4.83.
Overall, only 0.6% achieved full compliance, and only 3% employed MTA-STS, further indicating room for substantial improvement in email security across all sectors.