sublime-security/emailrep.io

Spoofable / DMARC not enforced

hazcod opened this issue · 6 comments

Hi!

Just generally wondering why my domain ironpeak.be (e.g. hello@ironpeak.be) is marked as:

  • DMARC not enforced
  • Spoofable

While I have the following TXT records:

  • _dmarc.ironpeak.be v=DMARC1; p=reject; rua=mailto:hello@ironpeak.be
  • v=spf1 include:_spf.google.com ~all

Command:

# curl emailrep.io/hello@ironpeak.be
{
  "email": "hello@ironpeak.be",
  "reputation": "low",
  "suspicious": false,
  "references": 1,
  "details": {
    "blacklisted": false,
    "malicious_activity": false,
    "malicious_activity_recent": false,
    "credentials_leaked": false,
    "credentials_leaked_recent": false,
    "data_breach": false,
    "first_seen": "never",
    "last_seen": "never",
    "domain_exists": true,
    "domain_reputation": "low",
    "new_domain": false,
    "days_since_domain_creation": 1498,
    "suspicious_tld": false,
    "spam": false,
    "free_provider": false,
    "disposable": false,
    "deliverable": true,
    "accept_all": false,
    "valid_mx": true,
    "primary_mx": "aspmx.l.google.com",
    "spoofable": true,
    "spf_strict": true,
    "dmarc_enforced": false,
    "profiles": [
      "gravatar"
    ]
  }

ping @jkamdjou

apologies for the delay! thanks for the ping, will take a look at this today.

Suddenly turned around 🤔 I do wonder why deliverable is false though?

# curl emailrep.io/hello@ironpeak.be
{
  "email": "hello@ironpeak.be",
  "reputation": "low",
  "suspicious": false,
  "references": 1,
  "details": {
    "blacklisted": false,
    "malicious_activity": false,
    "malicious_activity_recent": false,
    "credentials_leaked": false,
    "credentials_leaked_recent": false,
    "data_breach": false,
    "first_seen": "never",
    "last_seen": "never",
    "domain_exists": true,
    "domain_reputation": "low",
    "new_domain": false,
    "days_since_domain_creation": 1519,
    "suspicious_tld": false,
    "spam": false,
    "free_provider": false,
    "disposable": false,
    "deliverable": true,
    "accept_all": false,
    "valid_mx": true,
    "primary_mx": "aspmx.l.google.com",
    "spoofable": false,
    "spf_strict": true,
    "dmarc_enforced": true,
    "profiles": [
      "gravatar"
    ]
  }

we've been having an issue with an upstream provider recently, will see what's going on here

oh wait - deliverable is true in this snippet? were you maybe looking at disposable?

@jkamdjou my bad, I guess you guys pushed some fixes to fix the spoofable.
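
For reference, an added example (not emailrep.io's code, whose actual logic is not shown in this thread) that evaluates the two TXT records quoted in the opening post. It assumes "enforced" means `p=quarantine` or `p=reject` at `pct=100`, that `~all` and `-all` both count as strict SPF, and that a domain is spoofable when DMARC is not enforced; the function names are hypothetical.

```python
import re

def parse_tags(record):
    """Split a DMARC record into a {tag: value} dict (RFC 7489 tag-value list)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_enforced(record):
    """Assumed rule: p=quarantine|reject applied to 100% of mail."""
    if record is None:
        return False                      # no _dmarc TXT record published
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        return False                      # not a DMARC record at all
    policy = tags.get("p", "none").lower()
    try:
        pct = int(tags.get("pct", "100"))  # pct defaults to 100 when absent
    except ValueError:
        return False
    return policy in ("quarantine", "reject") and pct == 100

def spf_all_qualifier(record):
    """Return the qualifier on the 'all' mechanism: '-', '~', '?', '+' or None."""
    if record is None or not record.lower().startswith("v=spf1"):
        return None
    for term in record.split()[1:]:
        match = re.fullmatch(r"([+\-~?]?)all", term.lower())
        if match:
            return match.group(1) or "+"  # a bare 'all' is '+all'
    return None                           # no 'all' mechanism present

def assess(dmarc_txt, spf_txt):
    enforced = dmarc_enforced(dmarc_txt)
    return {
        "dmarc_enforced": enforced,
        # Assumption: softfail (~all) counts as strict, as well as -all.
        "spf_strict": spf_all_qualifier(spf_txt) in ("-", "~"),
        # Assumption: spoofable means DMARC is not enforced.
        "spoofable": not enforced,
    }

# The two TXT records quoted in the opening post.
DMARC = "v=DMARC1; p=reject; rua=mailto:hello@ironpeak.be"
SPF = "v=spf1 include:_spf.google.com ~all"

if __name__ == "__main__":
    print(assess(DMARC, SPF))
```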