Come amministratore di sistema, ho bisogno di inviare e-mail falsificate per garantire che la protezione spoofing (DMARC, ecc.) funzioni.
Penso che Emkei's Fake Mailer possa essere usato per inviare e-mail con spoofing al livello SMTP / 5321.MailFrom ma come si fa a inviare e-mail contraffatte al MIME / 5322. Dal livello?
Aggiornamento 2018/10/30 11:45:
In seguito a ulteriori test, ho provato a utilizzare la risposta di Steffen Ullrich utilizzando 3 diversi sistemi SMTP (il servizio Email Laundry, Office 365 e ) ma in effetti non sembra funzionare.
Invio dei dettagli del nome del dominio:
-
%codice%:
- Politica SPF:
sendingsmtp.example
- Politica DMARC: nessuna
- Politica SPF:
-
%codice%:
- Politica SPF:
v=spf1 ip4:1.2.3.4 -all
- Politica DMARC: nessuna
- Politica SPF:
Output PuTTY:
220 miniRelay Server v0.9.77d ready
helo Test
500 Syntax Error
helo Test
250 Hello Test
mail from:[email protected]
250 [email protected] Address Okay
rcpt to:[email protected]
250 [email protected] Address Okay
data
354 Start mail input; end with <CRLF>.<CRLF>
from:"MIME Test" <[email protected]>
to:[email protected]
Subject: Test
Test email.
.
250 Ok
Uscita MiniRelay quando si invia a The Email Laundry:
11:22:40 Command: MAIL FROM <[email protected]>
11:22:44 Command: RCPT TO <[email protected]>
11:23:10 [1] Looking for MX domain of recipient.example
11:23:10 [1] Connected with array1.theemaillaundry.net
11:23:11 [1] Sending message
11:23:12 [1] Error 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;[email protected];ip=1.2.3.4;[email protected]
11:23:12 [1] Connected with array1.theemaillaundry.net
11:23:13 [1] Error 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;[email protected];ip=1.2.3.4;[email protected]
11:23:13 [1] Connected with array1.theemaillaundry.net
11:23:13 [1] Error 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;[email protected];ip=1.2.3.4;[email protected]
11:23:13 [1] Connected with array2.theemaillaundry.net
11:23:14 [1] Sending message
11:23:14 [1] Error 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;[email protected];ip=1.2.3.4;[email protected]
11:23:14 [1] Connected with array2.theemaillaundry.net
11:23:15 [1] Error 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;[email protected];ip=1.2.3.4;[email protected]
11:23:15 [1] Connected with array2.theemaillaundry.net
11:23:16 [1] Error 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why?s=mfrom;[email protected];ip=1.2.3.4;[email protected]
11:23:16 [1] ERROR: 3 times retried, returning message
Output MiniRelay quando si invia a Office 365 e link :
11:30:55 Command: MAIL FROM <[email protected]>
11:31:11 Command: RCPT TO <[email protected]>
11:31:26 [3] Looking for MX domain of recipient.example
11:31:26 [3] Connected with recipient.example
11:31:26 [3] Sending message
11:31:26 [3] Message successfully sent
Intestazioni dei risultati dell'autenticazione di Office 365:
Authentication-Results: spf=fail (sender IP is 1.2.3.4)
smtp.mailfrom=sendingmime.example; recipient.example; dkim=none (message not
signed) header.d=none;recipient.example; dmarc=none action=none
header.from=sendingmime.example;compauth=fail reason=001
link Risultati SPF:
[SPF] sendingmime.example does not allow your server 1.2.3.4 to use [email protected]
Aggiornamento 2018/10/30 12:10:
Sospettavo MiniRelay, quindi ho provato la stessa cosa usando hMailServer che funzionava bene.
Output PuTTY:
220 hMailServer ESMTP
helo Test
503 Bad sequence of commands
helo Test
250 Hello.
AUTH LOGIN
334 VXNlcm5hbWU6
<Base64-encoded username>
334 UGFzc3dvcmQ6
<Base64-encoded password>
235 authenticated.
mail from:[email protected]
250 OK
rcpt to:[email protected]
250 OK
data
354 OK, send.
from:"MIME Test" <[email protected]>
to:[email protected]
Subject: Test
Test email.
.
250 Queued (22.784 seconds)
Intestazioni dei risultati dell'autenticazione di Office 365:
Authentication-Results: spf=pass (sender IP is 1.2.3.4)
smtp.mailfrom=sendingsmtp.example; recipient.example; dkim=none (message not signed)
header.d=none;recipient.example; dmarc=none action=none
header.from=sendingmime.example;compauth=fail reason=001
link Risultati SPF:
[SPF] Your server 1.2.3.4 is authorized to use [email protected]
Aggiornamento 2018/10/30 12:22:
Il server SMTP gratuito ( link ) sembra essere un sostituto decente, gratuito, locale / portatile per MiniRelay che funzioni correttamente a questo proposito.