Guidance - Set up government email services securely

Document Information

GSC Classification OFFICIAL
Access Policy Open
Reference bps60128-0000-00
Document Status Review Status
Primary Classification
Author Organisation Government Digital Service
Sponsor OrganisationNot Known
Trustee NPTC Standards Working Group,

Copyright Notice Copyright (c) 2016 National Police Technology Council (NPTC) group and the persons identified as the document authors. All rights reserved.


Government email administrators should follow this implementation guide to configure email services securely. It describes how to implement encryption and anti-spoofing, and how to pass an assessment to ensure your email service is configured and run in a secure way. Doing these three things will add your domain to a whitelist, which organisations can use to filter inbound and outbound email


The usage scenarios for bps60128-0000-00 have not been documented yet.

Normative References

bps60128-0000-00 link




Obsoleted By



We’d love you to discuss this item but please be aware that these discussions are publicly accessible.