All Questions
40
questions
0
votes
1
answer
127
views
Can I use multiple email providers with my website's DKIM, DMARC and SPF?
I'm a software developer, with limited Mail server setup experience, running a little side SAAS on the side where I send emails to my customers. My domain has SPF, DMARC and DKIM setup and I use ...
6
votes
1
answer
2k
views
Spoofed email sent to me from my email address with SPF/DKIM/DMARC passing
I received an email earlier today on my work email address. The email came from the same address—mine—but I didn't send it.
It was an email claiming that he was a professional hacker who had hacked my ...
1
vote
1
answer
1k
views
Still able to spoof emails with strict DMARC, SPF and DKIM enabled
Despite setting up strict DMARC, SPF, and having DKIM enabled, I am still easily able to spoof the "From" address. I can easily do this with PHPMailer on my Mac and even with some free 3rd ...
0
votes
1
answer
274
views
Spoofed forwarded email? Help with analyzing of DMARC report
Why did this email get forwarded successfully? An XML report is below:
I simply cannot understand the delivery status, a transcript follows:
This email has been automatically forwarded. Despite the ...
17
votes
3
answers
3k
views
"Undelivered Mail" I never sent (after registration on website)
I created an online account and received the usual welcome email. In addition, however, an "Undelivered Mail Returned to Sender" email appeared in my inbox one second later. I am the ...
2
votes
1
answer
329
views
Spoofed email: whose fault is it?
My relative received an email from a bill they were expecting to pay. So they paid said bill.
Only problem is: it was a spoofed email, and the real bill only came in later.
I checked the email on the ...
7
votes
1
answer
1k
views
Can DMARC's SPF alignment be spoofed?
IP addresses can be spoofed. The Envelope-From and Header-From addresses can be spoofed as well. But is it possible to spoof all three at the same time to send a forged email that passes both SPF and ...
1
vote
1
answer
267
views
Authorizing 3rd Party Envelope Sender to Impersonate Header Sender
Rewriting for clarity:
This is regarding emails send from a 3rd party marketer spoofing one of our email addresses in the message header from field. In these emails the envelope sender would come ...
0
votes
1
answer
603
views
How did the email pass DKIM?
I am trying to figure out how this one phishing email (used our Company's domain as from) was able to bypass the O365 Spamfilter.
Looking at the Header it looks like they passed the DKIM even though ...
4
votes
2
answers
3k
views
How to fix DMARC alignment failure
I'm sending emails via the Ionos mail servers.
I've got spf set up, but dmarc still fails.
This seems related to: Why is DMARC failing when SPF and DKIM are passing?
But I can't figure out how to fix ...
0
votes
0
answers
421
views
Unknown Cause of SPF Fail
I have the following SPF record:
v=spf1 include:_spf.mailspamprotection.com include:_spf.google.com ip4:209.85.220.0/24 ~all
Although I have included _spf.mailspamprotection.com in my SPF record, ...
-1
votes
1
answer
192
views
Does gmail use SPF or DMARC when sending messages outside of gmail?
I can't seem to find any record of SPF or DMARC in the original messages coming from gmail to my mail server.
Does gmail use SPF or DMARC when sending messages outside of gmail?
4
votes
3
answers
578
views
What is the point of having SPF and DKIM set up, but having DMARC with policy=none?
Under this FAQ it says that using policy=none is a way for domain owners to monitor forged emails, without having to set up SPF/DKIM. But what im wondering, because i dont fully understand what SPF/...
2
votes
2
answers
744
views
Do fowarded emails retain DMARC protection?
Assume I ask someone to create a filter in their Gmail account that automatically forwards certain emails to my inbox. If the original email was protected with DMARC, would the forwarded email also be ...
0
votes
0
answers
36
views
Why do I need DMARC on top of SPF and DKIM? [duplicate]
If SPF is verifying against a set of IP records if the incoming email from a domain was sent from an authorized host piggybacking on the DNS and DKIM does touch the signature of the email and ...