Questions tagged [dmarc]
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
67
questions
0
votes
1
answer
127
views
Can I use multiple email providers with my website's DKIM, DMARC and SPF?
I'm a software developer, with limited Mail server setup experience, running a little side SAAS on the side where I send emails to my customers. My domain has SPF, DMARC and DKIM setup and I use ...
1
vote
2
answers
115
views
DKIM Authorization Question
I've read a good bit about DMARC, DKIM, and SPF but now that I'm getting results come in, there are some things I'm seeing that I don't understand. I keep seeing passing DKIM results from outside ...
3
votes
1
answer
189
views
How to know whether e-mail was spoofed?
I am having a hard time understanding the different methods of e-mail verification. I know about DKIM, SPF and DMARC. If I would like to know whether an e-mail I received actually came from the e-...
1
vote
0
answers
181
views
Is my DMARC report saying legitmate emails are failing or illegitimate emails are passing? [closed]
I am learning how to improve email deliverability. Along the way, I'm learning about DMARC reports, SPF and DKIM. I have a friend with a small business who said I can practice with this email ...
6
votes
1
answer
2k
views
Spoofed email sent to me from my email address with SPF/DKIM/DMARC passing
I received an email earlier today on my work email address. The email came from the same address—mine—but I didn't send it.
It was an email claiming that he was a professional hacker who had hacked my ...
1
vote
1
answer
1k
views
Still able to spoof emails with strict DMARC, SPF and DKIM enabled
Despite setting up strict DMARC, SPF, and having DKIM enabled, I am still easily able to spoof the "From" address. I can easily do this with PHPMailer on my Mac and even with some free 3rd ...
0
votes
1
answer
274
views
Spoofed forwarded email? Help with analyzing of DMARC report
Why did this email get forwarded successfully? An XML report is below:
I simply cannot understand the delivery status, a transcript follows:
This email has been automatically forwarded. Despite the ...
1
vote
2
answers
330
views
dmarc privacy concern with microsoft reports
I run the the email for several domains and receive the domain reports on their behalf. Google is our email provider.
enterprise.protection.outlook.com, sends aggregate reports with an envelope_to ...
17
votes
3
answers
3k
views
"Undelivered Mail" I never sent (after registration on website)
I created an online account and received the usual welcome email. In addition, however, an "Undelivered Mail Returned to Sender" email appeared in my inbox one second later. I am the ...
2
votes
1
answer
329
views
Spoofed email: whose fault is it?
My relative received an email from a bill they were expecting to pay. So they paid said bill.
Only problem is: it was a spoofed email, and the real bill only came in later.
I checked the email on the ...
0
votes
1
answer
2k
views
DKIM from another domain, how does it work?
I've recently started configuringn and using DMARC reports and I have the following question. How can the DKIM domain not be my domain (and pass)?
I have the following report
<record>
<row&...
2
votes
0
answers
2k
views
DKIM/SPF What does it mean when policy_evaluated fails but auth_results passes?
I am trying to get the DKIM and SPF settings correct for a client who uses both GSuite and WordPress to send her emails.
I added this dmarc: v=DMARC1; p=none; rua=mailto:l***@******ney.com; fo=1; ...
7
votes
1
answer
1k
views
Can DMARC's SPF alignment be spoofed?
IP addresses can be spoofed. The Envelope-From and Header-From addresses can be spoofed as well. But is it possible to spoof all three at the same time to send a forged email that passes both SPF and ...
0
votes
1
answer
151
views
DMARC falsely reports impersonation
I have set up DMARC for some months now and I am using dmarc-visualizer to parse the reports.
Overall I am happy so we can advance towards BIMI, but before switching to quarantine or reject on DMARC, ...
1
vote
1
answer
404
views
Why is DMARC Passing, when it seems like there is no alignment?
I have set adkim=s and aspf=s, the DMARC check on mxtoolbox.com passes all tests. However, I'm using the default DKIM from microsoft, so from my understanding DMARC should fail since the alignment ...
1
vote
1
answer
267
views
Authorizing 3rd Party Envelope Sender to Impersonate Header Sender
Rewriting for clarity:
This is regarding emails send from a 3rd party marketer spoofing one of our email addresses in the message header from field. In these emails the envelope sender would come ...
0
votes
1
answer
603
views
How did the email pass DKIM?
I am trying to figure out how this one phishing email (used our Company's domain as from) was able to bypass the O365 Spamfilter.
Looking at the Header it looks like they passed the DKIM even though ...
4
votes
2
answers
3k
views
How to fix DMARC alignment failure
I'm sending emails via the Ionos mail servers.
I've got spf set up, but dmarc still fails.
This seems related to: Why is DMARC failing when SPF and DKIM are passing?
But I can't figure out how to fix ...
37
votes
2
answers
21k
views
How did this paypal spoof email pass SPF, DKIM and DMARC
This mail that got through has me stumped. It appeared to me as being from PayPal <[email protected]> in my Inbox. I happened to look at the original and it says SPF, DKIM and DMARC ...
2
votes
1
answer
206
views
DMARC aggregated report SPF domain field
I am trying to identify, why some of my e-mails are being marked as spam by recipients, and have therefore set up SPF and DKIM. In order to check that they can be verified, I set up aggregated DMARC ...
0
votes
1
answer
385
views
Rejected because of DKIM check fail; alignment check fail
I am testing my mail server setup with this tool https://email-test.had.dnsops.gov/ and I am getting suspicious that the tool may not be working right.
From what I understand it reports that my ...
0
votes
0
answers
421
views
Unknown Cause of SPF Fail
I have the following SPF record:
v=spf1 include:_spf.mailspamprotection.com include:_spf.google.com ip4:209.85.220.0/24 ~all
Although I have included _spf.mailspamprotection.com in my SPF record, ...
-1
votes
1
answer
192
views
Does gmail use SPF or DMARC when sending messages outside of gmail?
I can't seem to find any record of SPF or DMARC in the original messages coming from gmail to my mail server.
Does gmail use SPF or DMARC when sending messages outside of gmail?
4
votes
3
answers
578
views
What is the point of having SPF and DKIM set up, but having DMARC with policy=none?
Under this FAQ it says that using policy=none is a way for domain owners to monitor forged emails, without having to set up SPF/DKIM. But what im wondering, because i dont fully understand what SPF/...
2
votes
2
answers
744
views
Do fowarded emails retain DMARC protection?
Assume I ask someone to create a filter in their Gmail account that automatically forwards certain emails to my inbox. If the original email was protected with DMARC, would the forwarded email also be ...
0
votes
0
answers
36
views
Why do I need DMARC on top of SPF and DKIM? [duplicate]
If SPF is verifying against a set of IP records if the incoming email from a domain was sent from an authorized host piggybacking on the DNS and DKIM does touch the signature of the email and ...
0
votes
1
answer
1k
views
Whitelisting Email Service for Anti-Spoofing and DMARC
My company uses an Anti-Spoofing Protection based on the SPF Record and has implemented DMARC. Often our users correspond via a "secure" messaging platform like Proofpoint/ZIX/IronPort from ...
1
vote
1
answer
153
views
Email "FROM address" is changed to an unexpected email address
I have enabled DMARC settings in my domain (drkotzi.org). Now when I send emails from my email address ([email protected]) to email lists or email groups, I can see that the email's from address and ...
2
votes
2
answers
317
views
DMARC rua indicates mail send from competitorDomain.com for ourDomain.com, is this (potentially) mallicous?
We've received several rua reports indicating that one of our direct competitors is sending emails with our domain in the mail from headers.
I do not have access to the actual emails sources, and I ...
1
vote
1
answer
3k
views
SPF/DMARC for shared email provider (gmail) - how did this email pass SPF?
We recently received an email from a self described "white hat hacker" purporting to be from our own organization.
According to the mail headers, spf, dmarc, dkim and arc all passed okay and ...