CSC released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half… Continue reading Many Global 2000 companies lack proper domain security
I’ve recently started configuringn and using DMARC reports and I have the following question. How can the DKIM domain not be my domain (and pass)?
I have the following report
<source_ip>185.53.XXX.XX… Continue reading DKIM from another domain, how does it work?
I am trying to get the DKIM and SPF settings correct for a client who uses both GSuite and WordPress to send her emails.
I added this dmarc: v=DMARC1; p=none; rua=mailto:l***@******ney.com; fo=1; adkim=r; aspf=r;
(when I set the p to quara… Continue reading DKIM/SPF What does it mean when policy_evaluated fails but auth_results passes?
IP addresses can be spoofed. The Envelope-From and Header-From addresses can be spoofed as well. But is it possible to spoof all three at the same time to send a forged email that passes both SPF and SPF alignment in DMARC?
If it is possib… Continue reading Can DMARC’s SPF alignment be spoofed?
Proofpoint released new research which found that the top universities in the United States, the United Kingdom and Australia are lagging on basic cybersecurity measures, subjecting students, staff and stakeholders to higher risks of email-based impers… Continue reading Universities are at risk of email-based impersonation attacks
I have set up DMARC for some months now and I am using dmarc-visualizer to parse the reports.
Overall I am happy so we can advance towards BIMI, but before switching to quarantine or reject on DMARC, there is a behavior that I cannot under… Continue reading DMARC falsely reports impersonation
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April 2022, they have seen a massive uptick of these SMTP relay service exploit attacks… Continue reading Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
I have set adkim=s and aspf=s, the DMARC check on mxtoolbox.com passes all tests. However, I’m using the default DKIM from microsoft, so from my understanding DMARC should fail since the alignment check with DKIM should fail. However, it p… Continue reading Why is DMARC Passing, when it seems like there is no alignment?
Rewriting for clarity:
This is regarding emails send from a 3rd party marketer spoofing one of our email addresses in the message header from field. In these emails the envelope sender would come from "firstname.lastname@example.org&q… Continue reading Authorizing 3rd Party Envelope Sender to Impersonate Header Sender
A few companies I know say they have a DMARC record for email domain set up as a CNAME record and not a TXT record after I told them that their missing DMARC. Is there a way I can validate this externally?
I know mxtoolbox.com provides a w… Continue reading Can I check if domain has DMARC setup as CNAME record