Domain Name System (DNS)

Introduction

• DNS refers to the records you need to set with your hosting provider to allow you to properly point your domain name to your website and send and receive email associated with your domain name

MX records

• relates to email (just receiving?)

DMARC records

• relates to email sending
• email I received recently from a security researcher seeking a bounty, which led me to learn about DMARC and add a DMARC record to the DNS settings for my Hover.com-hosted email address:

Hello Team,
  
I am a security researcher and I found some Vulnerabilities in your site one of them is as following:

**DESCRIPTION:**

I just sent a forged email to my email address that appears to originate from [hello@michaeluloth.com](mailto:hello@michaeluloth.com) I was able to do this because of the following DMARC record:  
DMARC record lookup and validation for: [michaeluloth.com](http://michaeluloth.com/)
  
"No DMARC Record found"  
Or/And  
"No DMARC Reject Policy"

**FIX:  
**1) Publish DMARC Record. (If not already published)  
2) Enable DMARC Quarantine/Reject policy  
3) Your DMARC record should look like  
"v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:[YOUR_EMAIL_ADDRESS](mailto:YOUR_EMAIL_ADDRESS)"
  
This can be done using any PHP mailer tool like this,  
<?php  
$to = "[VICTIM@example.com](mailto:VICTIM@example.com)";  
$subject = "Password Change";  
$txt = "Change your password by visiting here - [VIRUS LINK HERE]l";  
$headers = "From: [YOUR_EMAIL_ADDRESS](mailto:hello@michaeluloth.com)”  
mail($to,$subject,$txt,$headers);
?>
  
You can check your DMARC record form here:  
[https://mxtoolbox.com/SuperTool.aspx?action=mx%3alition.io&run=toolpage](https://mxtoolbox.com/SuperTool.aspx?action=mx%3alition.io&run=toolpage)

Reference: [https://www.knownhost.com/wiki/email/troubleshooting/setting-up_spf-dkimdmarc_records](https://www.knownhost.com/wiki/email/troubleshooting/setting-up_spf-dkimdmarc_records)
  
Let me know if you need me to send another forged email, or if you have any other questions. I’m hoping to Receive a bounty reward for my current finding.

I will be looking forward to hearing from you on this and Will be reporting other vulnerabilities accordingly.

Stay Safe & Healthy. Jeffery Friedman

• TXT record I set for DMARC: ```

Type: TXT
Host: _dmarc
Value: v=DMARC1; p=reject; rua=mailto:YOUR_EMAIL_ADDRESS; fo=1
TTL: 900

• DMARC Tags - MxToolbox - best reference for explanations and examples for all DMARC tags
• DMARC Check Tool - Domain Message Authentication Reporting & Conformance Lookup - MxToolBox - validate the DMARC record for your domain specifically (not your entire MX record story like above)
• How to set up domain authentication | Twilio - If you send email via Sendgrid, complete the “Authenticate Your Domain” steps explained here to discover the DMARC and CNAME records you’ll need to add to your DNS settings as well to allow SendGrid to send mail from your domain name

SPF records

• relates to email sending
• What is an SPF Record? How to set up SPF Records - MxToolbox
• SPF Check & SPF Lookup - Sender Policy Framework (SPF) - MxToolBox - validate the SPF record for your domain
• SPF Record Generator - MxToolBox - answer questions about how mail is sent from your email address and a recommended SPF record will be generated for you
• Creating an SPF record – Hover Help Center
• SPF record I set for my Hover.com-hosted email address:

Type: TXT
Host: @
Value: v=spf1 include:_spf.hostedemail.com include:hover.com ~all
TTL: 900

Inbox

• DNS: Network Tools: DNS,IP,Email - tool for looking up various DNS records; includes MX lookups that valid relevant TXT records like _dmarc