Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inconsistencies b/w DKIM and DNS not OK #2

Closed
Imanfeng opened this issue Sep 2, 2020 · 7 comments
Closed

Inconsistencies b/w DKIM and DNS not OK #2

Imanfeng opened this issue Sep 2, 2020 · 7 comments

Comments

@Imanfeng
Copy link

Imanfeng commented Sep 2, 2020

image
image
image
image
image

DKIM is pass,but DMARC is not pass..

Is there any way to solve the problem?

@Imanfeng
Copy link
Author

Imanfeng commented Sep 3, 2020

I use mail-tester.com DMARC is pass,but Immediately after sending it to outlook.com, it showed that dmarc failed.
Do you know the reason? thx
image
image

@chenjj
Copy link
Owner

chenjj commented Sep 3, 2020

thanks for filing this report.

In the first issue, it seems that xiaomi.com is not vulnerable to the server_a3 case. Because the receiving server is trying to query DKIM public key from xiaomi.com (as the header shows "key not found in DNS"), rather than the attacker domain.

In the second issue, it seems that you are trying to test the server_a1 case. Outlook.com may not be vulnerable to this case.

In my prior testing, server_a15 works in Outlook.com. I'm not sure if they have fixed this bug.

@Imanfeng
Copy link
Author

Imanfeng commented Sep 4, 2020

thank you
image
if this case,how can i set a TXT about legitimate.com( ? And some single quotation marks and double quotation marks do not seem to conform to the rules of TXT
image
Or, for this type of case, when spf verification is performed, the MAIL FROM legalimate.com( subdomain does not have spf, so the verification is the attack domain name of HELO

Espoofer - server_a5\a6

@chenjj
Copy link
Owner

chenjj commented Sep 6, 2020

To bypass this, you need to set up your own authority DNS server, rather than use third-party DNS hosting services.

@Imanfeng
Copy link
Author

Imanfeng commented Sep 6, 2020

thank you!

@chenjj chenjj closed this as completed Nov 11, 2020
@craudilho1199
Copy link

Hi bro! I need help a bit.
I tried to run espoofer in client mode, but it didn't work. A screenshot of the error from the terminal is attached.

help___github_____________________--

nastroiki_config

Also I tried to run in server mode but I failed. I don't know where to enter the following commands:

  1. Domain configuration
Set DKIM public key for attack.com

selector._domainkey.attacker.com TXT "v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqG...
2) Set SPF record for attack.com

attack.com TXT "v=spf1 ip4:1.2.3.4 +all"

@xappster
Copy link

xappster commented Mar 9, 2022

Hey

could you please send email from (zapp@gmail.com) to (ironz@cservice.undernet.org)

I want to check our organization is secure or not.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants