Gemessen am 2026-07-04 · öffentliches DNS
Ist haspa.de gegen E-Mail-Spoofing geschützt?
Noch nicht — haspa.de beobachtet DMARC nur (p=none); gefälschte Mails können weiterhin zugestellt werden.
Haltung unverändert seit dem 2026-06-19
Stärker geschützt als 18 % der Banken in Deutschland
38 % der Branche setzt bereits p=reject durch
D
DMARC
p=none
SPF
~all
DKIM
keiner gefunden
So behebst du es
Thomas, der DMARC-Copilot, findet jede Quelle, schreibt das exakte DNS und bringt deine Domain sicher von p=none zu p=reject.
Veröffentlichter Eintrag
v=DMARC1; p=none; rua=mailto:dmarcreport@haspa.de, mailto:haspa.dmarc@dgbit.datagroup.de; ruf=mailto:dmarcreport@haspa.de; sp=noneWas das bedeutet
- • Politique p=none : surveillance seule, aucun message non authentifié n'est bloqué.
- • SPF se termine par ~all (softfail) : acceptable en phase d’observation, viser -all à terme.
- • Aucune clé DKIM trouvée sur les sélecteurs courants (le domaine peut utiliser des sélecteurs non standards).
Verlauf
- 2026-06-26Erste MessungNur Beobachtung (p=none)
Über Hamburger Sparkasse
Hamburger Sparkasse is a major financial institution based in Hamburg, Germany, operating under the domain haspa.de. As a cooperative credit institution, it serves millions of retail and corporate clients through its banking, financing, and investment services. The haspa.de domain serves as the central hub for its official digital communications, encompassing client correspondence, transactional notifications, security alerts, contractual documents, and internal communications to employees across multiple locations.
This email infrastructure is critically important for a financial institution. Hamburger Sparkasse manages substantial volumes of sensitive correspondence including financial data, authentication information, and regulatory documents. Domain spoofing of haspa.de would present significant phishing and financial fraud risks, potentially compromising customer trust and facilitating the theft of banking credentials.
Within a reinforced regulatory environment, particularly through the NIS2 Directive on cybersecurity and resilience of essential operators, Hamburger Sparkasse must demonstrate a robust email authentication posture. Rigorous implementation of DMARC, SPF, and DKIM on haspa.de forms part of this obligation to protect critical infrastructure in the financial sector. This security enhancement also contributes to compliance with DORA (Digital Operational Resilience Act), applicable to financial sector entities.
The DMARC Observatory at dmarc.com documents the authentication posture of the haspa.de domain, enabling stakeholders to verify the protection level of this institution's official communications and to contribute to combating financial fraud at the European level.
