Inconsistencies b/w DKIM and DNS not OK

[Imanfeng]

DKIM is pass，but DMARC is not pass..

Is there any way to solve the problem?

[Imanfeng]

I use mail-tester.com DMARC is pass,but Immediately after sending it to outlook.com, it showed that dmarc failed.
Do you know the reason? thx

[chenjj]

thanks for filing this report.

In the first issue, it seems that xiaomi.com is not vulnerable to the server_a3 case. Because the receiving server is trying to query DKIM public key from xiaomi.com (as the header shows "key not found in DNS"), rather than the attacker domain.

In the second issue, it seems that you are trying to test the server_a1 case. Outlook.com may not be vulnerable to this case.

In my prior testing, server_a15 works in Outlook.com. I'm not sure if they have fixed this bug.

[Imanfeng]

thank you

if this case,how can i set a TXT about legitimate.com( ? And some single quotation marks and double quotation marks do not seem to conform to the rules of TXT

Or, for this type of case, when spf verification is performed, the MAIL FROM legalimate.com( subdomain does not have spf, so the verification is the attack domain name of HELO

Espoofer - server_a5\a6

[chenjj]

To bypass this, you need to set up your own authority DNS server, rather than use third-party DNS hosting services.

[Imanfeng]

thank you!

[craudilho1199]

Hi bro! I need help a bit.
I tried to run espoofer in client mode, but it didn't work. A screenshot of the error from the terminal is attached.

Also I tried to run in server mode but I failed. I don't know where to enter the following commands:

1. Domain configuration

Set DKIM public key for attack.com

selector._domainkey.attacker.com TXT "v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqG...
2) Set SPF record for attack.com

attack.com TXT "v=spf1 ip4:1.2.3.4 +all"

[xappster]

Hey

could you please send email from (zapp@gmail.com) to (ironz@cservice.undernet.org)

I want to check our organization is secure or not.