Collaborate Disseminate
So I’m using Active Campaign as a CRM and have configured DKIM, SPF, and a DMARC none policy. I am having one particular customer of mine that’s not able to receive my emails despite them whitelisting me. They are using mimecast. I’ve don… Continue reading How To Address Email Deliverability Problems When From Header Doesn’t Match From Envelope?
After some research, I couldn’t find a clear answer: in Azure Cloud Domain, some users received phishing emails to hidden mailbox addresses. How can that be? How can those mailbox addresses be known to someone outside the domain? Does anyo… Continue reading Phishing mails to hidden Azure mailboxes
I received an email earlier today on my work email address. The email came from the same address—mine—but I didn’t send it.
It was an email claiming that he was a professional hacker who had hacked my operating system and planted harmful s… Continue reading Spoofed email sent to me from my email address with SPF/DKIM/DMARC passing
I have received a threatening message in my email primary@gmail.com from my other email address alias@mydomain.com. Note that alias@mydomain.com is an alias to primary@gmail.com.
Also, of course, I own mydomain.com and it is registered in … Continue reading SPF result using alias email address
Let’s say:
alice@example.com sends an email to bob@bob.com.
Bob owns the domain bob.com but doesn’t manage an emailing server. Instead he uses an email forwarding service (provided by his registrar / DNS service, for example Cloudflare d… Continue reading How can an email forwarding service send email with a "From" from a domain they don’t control, and still pass SPF?
Let’s say:
alice@example.com sends an email to bob@bob.com.
Bob owns the domain bob.com but doesn’t manage an emailing server. Instead he uses an email forwarding service (provided by his registrar / DNS service, for example Cloudflare d… Continue reading How can an email forwarding service send email with a "From" from a domain they don’t control, and still pass SPF?
If we are self hosting our own email server with mydomain.com with a self sign CA for S/MIME. What are some possible ways that our email content can get leaked?
Then if we use PGP email, does it make any difference? Since we agree that wit… Continue reading With selfhosting email server, selfsigned certificate, does it make a difference with PGP mail, What can be leaked?
Despite setting up strict DMARC, SPF, and having DKIM enabled, I am still easily able to spoof the "From" address. I can easily do this with PHPMailer on my Mac and even with some free 3rd party tools like
https://emkei.cz/
http… Continue reading Still able to spoof emails with strict DMARC, SPF and DKIM enabled
What is the most secure way and privacy-focused to send email now (current tech)? PGP or S/MIME, Given both parties willing to learn the technical parts?
Use case, both of parties use third party email services, like gmail/hotmail/proton… Continue reading What is the most secure way to send email now? PGP or S/MIME, Given both parties willing to learn the technical parts
I have quite a few questions about email security on my custom domains (SPF, DKIM, DMARC,… etc).
Let me start with Why this email got forwarded successfully, please allow an image for the words, an XML report you find below.
I simply… Continue reading Spoofed forwarded email? Help with analyzing of DMARC report