By State / New Hampshire
New Hampshire Trucking Email Security
80.3% of active carrier domains in New Hampshire have no enforced DMARC — leaving freight operators open to email impersonation, payment-redirect fraud, and cargo theft via phishing.
No enforced DMARC
80.3%
national: 80.1%
p=reject
8.2%
national: 7.5%
Microsoft 365
40.6%
national: 38.1%
M365 + no DMARC (carriers)
549
national: 92,822
MTA-STS
3.6%
national: 3.3%
DNSSEC
3.6%
national: 6.1%
Dead domains
51
of 1,750 scanned
Total carriers
1,970
52 with dead domain
Risk bands — New Hampshire carriers
Carrier counts by risk band (composite email-security pain score). Critical = score 70+; Minimal = score <15.
| Risk band | Score range | Carriers | Domains |
|---|---|---|---|
| Critical | score 70+ | 132 | 125 |
| High | score 50–69 | 660 | 536 |
| Medium | score 30–49 | 820 | 764 |
| Low | score 15–29 | 289 | 258 |
| Minimal | score <15 | 17 | 16 |
New Hampshire vs. national average
What the New Hampshire numbers actually mean
DMARC posture. New Hampshire's share of carrier domains with no enforced DMARC sits at 80.3% — within 0.2 points of the national average. enforced p=reject DMARC adoption is roughly in line with the national pool — meaning most New Hampshire domains either have no DMARC at all or are stuck at the monitor-only p=none policy. At the protective end of the distribution, 8.2% of New Hampshire domains are at p=reject — the only DMARC policy that actually instructs receivers to drop spoofed mail.
Microsoft 365 surface. Microsoft 365 mailflow adoption is heavier than the national distribution, which is consequential — every M365 tenant already includes the controls needed to enforce DMARC, so the 549 M365 carriers in New Hampshire with DMARC disabled are leaving paid-for protection switched off. That share is 27.9% of all New Hampshire carriers — a one-flag-flip remediation set that any regional MSP or in-house IT lead can clear in a single quarter.
Transport encryption. MTA-STS adoption sits at 3.6%, materially below the threshold a freight payment-redirect attacker would have to clear to be inconvenienced by transport-layer policy. DNSSEC adoption in New Hampshire runs at 3.6% (vs 6.1% national) — meaningful for downstream DKIM and MTA-STS validation, but still a minority signal.
Risk-band shape. New Hampshire's critical-band share is 6.7% versus 8.4% nationally, with the pressure shifting into the high band (33.5% of state carriers) where one or two control gaps still leave room for impersonation. The composite pain score blends SPF posture, DMARC enforcement, MTA-STS presence, and DNSSEC — so a carrier clusters in the critical band only when several controls fail together. Remediation that flips DMARC to enforcement plus turns on MTA-STS typically moves a carrier two bands down in one quarter.
What this means for buyers and shippers. If you are dispatching freight, settling broker payments, or receiving rate confirmations from New Hampshire-based carriers, the operational exposure is the 80.3%of domains that cannot stop a stranger from sending email in the carrier's name. Payment-redirect and load-redirect fraud rides on exactly that gap. Verifying a counterparty's DMARC posture before a first wire — a 30-second DNS lookup — is the cheapest control in the freight stack.
Compare New Hampshire with other states
States closest in carrier-count rank to New Hampshire. Each is scored on the same DNS-derived control set, so the comparison is apples-to-apples.
See where your own domain stands
The research is free and self-serve. Run the same public checks on your own domain in about a minute — SPF, DKIM, DMARC, MTA-STS, DNSSEC, and more — and get a scored report by email. No agents, no credentials.
Data as of 2026-05-20from public DNS measurements. Statistics are domain-weighted unless noted. State scope is the carrier's FMCSA-registered state. Methodology: read the full index.