<h1>Vulnerability found : DMARC record vulnerable</h1>
<p>Published 2022-04-01 at <a href="https://ascams.com/info/vulnerability-found-dmarc-record-vulnerable/">https://ascams.com/info/vulnerability-found-dmarc-record-vulnerable/</a> (categories: Information, News, Scams)</p>
<p>Do not get caught in the net of this <strong>FAKE INTERNET SECURITY</strong> scam, and do not pay any money to unsolicited spam scam artists.</p>
<p>A domain's legitimate email sending servers are published in DNS as an SPF record, which is one <a href="https://ascams.com/info/domain-anti-forgery/" target="_blank" rel="noopener">part of a domain anti-forgery policy</a>. DMARC builds on SPF (and DKIM) and tells receiving servers what to do with mail that fails those checks.</p>
<p>Many domains on the Internet do not even have a proper SPF record, and the uptake of DMARC is even lower and very patchily supported.</p>
<p>To make matters worse: <strong>real spammers, scammers and criminals routinely publish perfect DMARC and a perfect blocking SPF for their own domains.</strong> Those records only prove that a message really came from the domain it claims to come from; they say nothing about whether that domain is honest. "No DMARC record found" is therefore not, by itself, a vulnerability worth paying a bounty for.</p>
<p>This scam is mostly powered by Google, as it originates from random throwaway example@gmail.com accounts, which is <strong>actually quite ironic</strong>: <strong>Google/Gmail does not even publish a blocking anti-forgery SPF record</strong> (its SPF ends in the soft fail ~all rather than the hard fail -all).</p>
<p>Example wording of this scam is:</p>
<p>Hello Team,<br />
I am a security researcher and I found this vulnerability.<br />
I just sent a forged email to my email address that appears to originate from dnsbl@ascams.com<br />
I was able to do this because of the following DMARC record:</p>
<p>DMARC record lookup and validation for: ascams.com</p>
<p>"No DMARC Record found"</p>
<p>How To Reproduce (POC-ATTACHED IMAGE):<br />
1. Go to example.com/DMARC.aspx<br />
2. Enter the website. Click GO.<br />
3. You will see the fault (DMARC Quarantine/Reject policy not enabled)</p>
<p>Fix:<br />
1) Publish a DMARC record.<br />
2) Enable DMARC Quarantine/Reject policy.<br />
3) Your DMARC record should look like<br />
"v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:info@domain.com"</p>
<p>Let me know if you need me to send another forged email, or if you have any<br />
other questions.</p>
<p>Hoping for the bounty for my ethical disclosure.<br />
Best Regards<br />
Security Researcher</p>
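<p>Rather than trusting a scammer's screenshot, check a domain yourself by querying the _dmarc name directly (dig +short TXT _dmarc.yourdomain.example). The Python below is an added example, not code from the original post: it parses a DMARC TXT record the way a receiver does (v=DMARC1 first, p mandatory, sp defaulting to p, per RFC 7489), flags the weaknesses a practitioner looks for, and resolves the effective policy for a subdomain via the organizational domain's sp tag. Run against the record the scam email proposes, it shows that sp=none next to p=reject leaves every subdomain open to exactly the forgery the email complains about. The sample records, the example.com names and the dns dictionary standing in for DNS lookups are constructed for this example, and org_domain uses a two-label simplification where a real receiver consults the Public Suffix List.</p>

```python
"""Parse DMARC TXT records and resolve the policy a receiver applies (RFC 7489).
Added example, not the original post's code; records and names below are constructed.
Real lookup: dig +short TXT _dmarc.example.com
"""
from __future__ import annotations
from dataclasses import dataclass, field

_POLICIES = ("none", "quarantine", "reject")  # weakest to strongest


@dataclass
class DmarcRecord:
    tags: dict[str, str]
    warnings: list[str] = field(default_factory=list)

    @property
    def policy(self) -> str:
        return self.tags["p"]

    @property
    def subdomain_policy(self) -> str:
        return self.tags.get("sp", self.tags["p"])  # RFC 7489 6.3: sp defaults to p

    @property
    def pct(self) -> int:
        return int(self.tags.get("pct", "100"))


def parse_dmarc(txt: str | None) -> DmarcRecord | None:
    """Return a DmarcRecord, or None if the TXT is absent or not a usable DMARC record."""
    if txt is None:
        return None
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    tags: dict[str, str] = {}
    for part in parts:
        if "=" not in part:
            return None  # malformed tag=value pair: receivers ignore the record
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    # "v=DMARC1" must be first and "p" mandatory; sp/pct must be well formed.
    if not parts or not parts[0].lower().startswith("v=") or tags["v"].upper() != "DMARC1":
        return None
    if tags.get("p") not in _POLICIES or tags.get("sp", "none") not in _POLICIES:
        return None
    if not tags.get("pct", "100").isdigit():
        return None
    rec = DmarcRecord(tags)
    # Weaknesses to notice before calling a record "fixed".
    if rec.policy == "none":
        rec.warnings.append("p=none: monitoring only, forged mail is still delivered")
    if _POLICIES.index(rec.subdomain_policy) < _POLICIES.index(rec.policy):
        rec.warnings.append(f"sp={rec.subdomain_policy} weaker than p={rec.policy}: subdomains spoofable")
    if rec.pct < 100:
        rec.warnings.append(f"pct={rec.pct}: only that share of failing mail gets the policy")
    if "rua" not in tags:
        rec.warnings.append("no rua= address: no aggregate reports, forgery attempts go unseen")
    return rec


def org_domain(domain: str) -> str:
    # Simplification for this example: last two labels. Real receivers use the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def effective_policy(from_domain: str, dns: dict[str, str]) -> str:
    """RFC 7489 6.6.3: the From: domain's own record wins; otherwise the
    organizational domain's record applies through "sp"; otherwise no policy.
    `dns` maps a name to the TXT at _dmarc.<name> (constructed stand-in for DNS)."""
    rec = parse_dmarc(dns.get(from_domain.lower()))
    if rec is not None:
        return rec.policy
    org = org_domain(from_domain)
    if org != from_domain.lower():
        rec = parse_dmarc(dns.get(org))
        if rec is not None:
            return rec.subdomain_policy
    return "none"  # no record: the receiver takes no DMARC-based action


# Constructed sample records; SCAMMER_SUGGESTED is the record the scam email proposes.
SCAMMER_SUGGESTED = "v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:info@domain.com"
MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
PARTIAL = "v=DMARC1; p=quarantine; pct=20"
STRICT = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
SAMPLE_DNS = {"example.com": SCAMMER_SUGGESTED}

if __name__ == "__main__":
    for name, txt in [("missing", None), ("scammer", SCAMMER_SUGGESTED),
                      ("monitor", MONITOR_ONLY), ("partial", PARTIAL), ("strict", STRICT)]:
        rec = parse_dmarc(txt)
        print(name, "no DMARC record" if rec is None else
              f"p={rec.policy} sp={rec.subdomain_policy} pct={rec.pct} {rec.warnings}")
    # The proposed "fix" still lets anyone forge mail from any subdomain:
    print("mail.example.com ->", effective_policy("mail.example.com", SAMPLE_DNS))
```

<p>The design point is the last line: a receiver that finds no record at _dmarc.mail.example.com falls back to the organizational domain's sp tag, so a record that sets sp=none protects only the bare domain. A record such as STRICT, which omits sp so that it inherits p=reject, covers subdomains too, and the rua address is what lets you see the forgery attempts the scammer claims to have found.</p>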