Email authentication

SPF

Every sending domain publishes a strict SPF record limited to the IPs we operate. Pre-flight refuses to send from a domain whose SPF returns anything other than pass.

DKIM (2048-bit)

Per-domain RSA-2048 DKIM keypairs. Signing is performed by OpenDKIM as a milter on the MTA. Selectors rotate annually with overlap.

DMARC

Every domain publishes DMARC starting at p=none with aggregate reporting. We move to p=quarantine after two clean weeks of reports.

TLS 1.3

Outbound deliveries opportunistically negotiate TLS 1.3. Inbound HTTPS uses Let's Encrypt with auto-renewal.

PTR / rDNS

Every IP we operate has a forward-confirmed reverse DNS record. PTR alignment is checked on every send.
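A sketch of how the SPF pre-flight gate and the forward-confirmed rDNS check described above could be combined (an added example, not the platform's own code). The function names, the sample domains and IPs, and the assumption that the SPF record uses only ip4/ip6/all terms are illustrative; DNS answers are constructed inline instead of being resolved.

```python
import ipaddress

# Constructed sample DNS data (documentation ranges), standing in for live lookups.
TXT = {"mail.example.com": ["v=spf1 ip4:192.0.2.0/28 ip6:2001:db8::/48 -all"]}
PTR = {"192.0.2.5": ["mta1.example.com."], "192.0.2.9": ["mta9.example.com."]}
ADDR = {"mta1.example.com": ["192.0.2.5"], "mta9.example.com": ["198.51.100.7"]}
QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(domain, ip, txt=TXT):
    """SPF result for ip, handling only ip4/ip6/all terms (assumed record shape)."""
    records = [r for r in txt.get(domain, []) if r.lower().split()[:1] == ["v=spf1"]]
    if len(records) != 1:
        return "permerror" if records else "none"  # more than one record is an error
    addr = ipaddress.ip_address(ip)
    for term in records[0].split()[1:]:
        result = QUALIFIER.get(term[0], "pass")  # no qualifier means "+"
        name, _, value = term.lstrip("+-~?").lower().partition(":")
        if name == "all":
            return result
        if name not in ("ip4", "ip6"):
            return "unsupported"  # include/a/mx/redirect: refuse rather than guess
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            return "permerror"
        if net.version != int(name[2]):
            return "permerror"  # e.g. an IPv6 prefix under ip4:
        if addr in net:
            return result
    return "neutral"  # nothing matched and no "all" term

def fcrdns_ok(ip, ptr=PTR, addr=ADDR):
    """True if some PTR name for ip resolves forward to the same ip."""
    want = ipaddress.ip_address(ip)
    return any(want == ipaddress.ip_address(a)
               for host in ptr.get(ip, [])
               for a in addr.get(host.rstrip(".").lower(), []))

def preflight(domain, ip):
    """Return (ok, reasons); anything other than SPF pass plus FCrDNS refuses the send."""
    reasons = []
    spf = spf_result(domain, ip)
    if spf != "pass":
        reasons.append(f"spf={spf}")
    if not fcrdns_ok(ip):
        reasons.append("ptr=not forward-confirmed")
    return (not reasons, reasons)
```
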

List-Unsubscribe headers

RFC 8058 one-click List-Unsubscribe is present on every outbound message, including simulation campaigns.

Data handling

Tenant isolation

Row-level filters at the ORM layer. A tenant operator cannot construct a query that returns another tenant's data. Cross-tenant access is reserved to documented super-admin roles with audit logging.

Encryption at rest

SQL Server TDE on the application database. Submitted credentials and DKIM private keys are additionally encrypted at the column level.

Retention

Simulation event logs are retained for 100 days, then aggregated, and the raw events are purged. Submitted credentials are stored only in encrypted form and discarded on the same schedule.

Audit trail

Every operator action that creates, modifies, or deletes a tenant-scoped record is recorded with old/new values, IP address, and signed-in user. Audit logs are append-only.

Operational practices

Authorized use only

Live campaigns require a signed authorization document on file from the target organization. The consent record is verified at send time.

Abuse handling

The abuse@troy-mail.com mailbox is monitored continuously. Confirmed abuse triggers immediate suspension of the offending tenant and an internal review.

FBL participation

The platform is registered with Microsoft SNDS and Google Postmaster Tools. Spam complaints feed into per-domain reputation alerts.

Vulnerability reports

Email security@lancelotech.com with details. We confirm receipt within one business day and provide a remediation timeline.