Collaborate Disseminate
I’ve always heard about DMARC spoofing, and I would like to test it by myself since it could be an important aspect in a social engineering attack.
Doing some research I found this article, but I couldn’t manage to send a "spoofed&quo… Continue reading How to spoof a DMARC? [closed]
Despite setting up strict DMARC, SPF, and having DKIM enabled, I am still easily able to spoof the "From" address. I can easily do this with PHPMailer on my Mac and even with some free 3rd party tools like
https://emkei.cz/
http… Continue reading Still able to spoof emails with strict DMARC, SPF and DKIM enabled
I have quite a few questions about email security on my custom domains (SPF, DKIM, DMARC,… etc).
Let me start with Why this email got forwarded successfully, please allow an image for the words, an XML report you find below.
I simply… Continue reading Spoofed forwarded email? Help with analyzing of DMARC report
Why did this email get forwarded successfully? An XML report is below:
I simply cannot understand the delivery status, a transcript follows:
This email has been automatically forwarded. Despite the fact that DMARC has failed, the email w… Continue reading Spoofed forwarded email? Help with analyzing of DMARC report
I run the the email for several domains and receive the domain reports on their behalf. Google is our email provider.
enterprise.protection.outlook.com, sends aggregate reports with an envelope_to header, revealing to whom the email is be… Continue reading dmarc privacy concern with microsoft reports
Unless I don’t understand the idea behind DMARC reports, is there a way to set the dmark record so that you only receive email reports when there is a dkim or spf failure?
I’ve only recently set my out-bound mail server to add dkim headers… Continue reading How to receive DMARC reports only when there is a DKIM or SPF fail (not if both pass)? [closed]
Please bear with me, I’m definitely not an expert here, and this is one case where Google, Bing, and their many AIs are not getting me a useful answer…
TL;DR? I’m looking for information on how to embed a logotype on a X.509 PEM certific… Continue reading Trying to set up a crude prototype system to test BIMI using open-source tools
I created an online account and received the usual welcome email. In addition, however, an "Undelivered Mail Returned to Sender" email appeared in my inbox one second later. I am the supposed sender, and the website I registered … Continue reading "Undelivered Mail" I never sent (after registration on website)
My relative received an email from a bill they were expecting to pay. So they paid said bill.
Only problem is: it was a spoofed email, and the real bill only came in later.
I checked the email on the email platform (Outlook) and there was … Continue reading Spoofed email: whose fault is it?
CSC released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half… Continue reading Many Global 2000 companies lack proper domain security