Introduction
- DNS refers to the records you need to set with your hosting provider to allow you to properly point your domain name to your website and send and receive email associated with your domain name
MX records
- relates to email (just receiving?)
DMARC records
- relates to email sending
- email I received recently from a security researcher seeking a bounty, which led me to learn about DMARC and add a DMARC record to the DNS settings for my Hover.com-hosted email address:
Hello Team,
I am a security researcher and I found some Vulnerabilities in your site one of them is as following:
**DESCRIPTION:**
I just sent a forged email to my email address that appears to originate from [hello@michaeluloth.com](mailto:hello@michaeluloth.com) I was able to do this because of the following DMARC record:
DMARCÂ record lookup and validation for:Â [michaeluloth.com](http://michaeluloth.com/)
"No DMARC Record found"
Or/And
"No DMARC Reject Policy"
**FIX:
**1) Publish DMARC Record. (If not already published)
2) Enable DMARC Quarantine/Reject policy
3) Your DMARC record should look like
"v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:[YOUR_EMAIL_ADDRESS](mailto:YOUR_EMAIL_ADDRESS)"
This can be done using any PHP mailer tool like this,
<?php
$to = "[VICTIM@example.com](mailto:VICTIM@example.com)";
$subject = "Password Change";
$txt = "Change your password by visiting here - [VIRUS LINK HERE]l";
$headers = "From: [YOUR_EMAIL_ADDRESS](mailto:hello@michaeluloth.com)”
mail($to,$subject,$txt,$headers);
?>
You can check your DMARC record form here:
[https://mxtoolbox.com/SuperTool.aspx?action=mx%3alition.io&run=toolpage](https://mxtoolbox.com/SuperTool.aspx?action=mx%3alition.io&run=toolpage)
Reference:Â [https://www.knownhost.com/wiki/email/troubleshooting/setting-up_spf-dkimdmarc_records](https://www.knownhost.com/wiki/email/troubleshooting/setting-up_spf-dkimdmarc_records)
Let me know if you need me to send another forged email, or if you have any other questions. I’m hoping to Receive a bounty reward for my current finding.
I will be looking forward to hearing from you on this and Will be reporting other vulnerabilities accordingly.
Stay Safe & Healthy. Jeffery Friedman
- TXT record I set for DMARC: ```
Type: TXT
Host: _dmarc
Value: v=DMARC1; p=reject; rua=mailto:YOUR_EMAIL_ADDRESS; fo=1
TTL: 900
SPF records
Type: TXT
Host: @
Value: v=spf1 include:_spf.hostedemail.com include:hover.com ~all
TTL: 900
Inbox