Hi team, kindly update me on the bug that I've reported.

-Zeus

On Fri, May 20, 2022 at 11:34 PM Cyber Zeus <cyberzeus...@gmail.com> wrote:
> Hi Team,
> I am an independent security researcher and I have found a bug in your
> website. The details of it are as follows:-
>
> Description: This report is about a misconfigured DMARC record flag, which
> can be used for malicious purposes as it allows for fake mailing on behalf
> of respected organizations.
>
> About the Issue:
> As I have seen, the DMARC record for
>
> *druid.apache.org*
>
> is:
> DMARC Policy Not Enabled
> DMARC Not Found
>
> As you can see from your DMARC record, a valid record should be like:-
>
> DMARC Policy Enabled
>
> What's the issue:
> A DMARC record is a type of Domain Name Service (DNS) record that
> identifies which mail servers are permitted to send an email on behalf of
> your domain. The purpose of a DMARC record is to prevent spammers from
> sending messages on behalf of your organization.
>
> Attack Scenario: An attacker will send a phishing mail or any malicious
> mail to the victim via mail:
>
> commits-h...@druid.apache.org
>
> Even if the victim is aware of phishing attacks, he will check the origin
> email, which came from your genuine mail id
> commits-h...@druid.apache.org
>
> so he will think that it is genuine mail and get trapped by the attacker.
> The attack can be done using any PHP mailer tool like this:-
>
> <?php
> $to = "vic...@example.com";
> $subject = "Password Change";
> $txt = "Change your password by visiting here - [VIRUS LINK HERE]";
> $headers = "From: commits-h...@druid.apache.org";
> mail($to,$subject,$txt,$headers);
> ?>
>
> You can also check your DMARC/SPF record from: MXTOOLBOX
>
> Reference:
> https://support.google.com/a/answer/2466580?hl=en
> Have a look at the GOOGLE article for a better understanding!
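For anyone triaging a report like the one above, the question is not just whether a `_dmarc.<domain>` TXT record exists but whether its policy actually instructs receivers to quarantine or reject spoofed mail. The following is an added example, not code from the reporter or from the Apache project: it parses DMARC TXT values (as returned by `dig +short TXT _dmarc.<domain>`) and classifies the domain's posture. The sample records and domain names are constructed for illustration.

```python
"""Parse DMARC TXT records and rate the policy's enforcement level (RFC 7489 rules)."""

# Constructed sample answers for _dmarc.<domain> TXT lookups (not real DNS data).
SAMPLE_RECORDS = {
    "no-record.example": [],
    "monitor-only.example": ["v=DMARC1; p=none; rua=mailto:dmarc@monitor-only.example"],
    "partial.example": ["v=DMARC1; p=quarantine; pct=10"],
    "enforcing.example": ["v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:dmarc@enforcing.example"],
}


def parse_dmarc(txt):
    """Split one TXT value into a tag dict; return None unless it is a v=DMARC1 record."""
    tags = {}
    for part in txt.strip().strip('"').split(";"):
        part = part.strip()
        if "=" not in part:
            continue
        key, value = part.split("=", 1)  # values such as mailto: URIs may contain '='
        tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        return None  # e.g. an SPF record mistakenly published at _dmarc
    return tags


def assess(records):
    """Return (status, detail) for the list of TXT values found at _dmarc.<domain>."""
    valid = [t for t in (parse_dmarc(r) for r in records) if t]
    if not valid:
        return "missing", "no v=DMARC1 record published; receivers apply no policy"
    if len(valid) > 1:
        # RFC 7489 s6.6.3: if more than one record is returned, DMARC evaluation is skipped.
        return "invalid", "multiple DMARC records published; receivers ignore all of them"
    tags = valid[0]
    policy = tags.get("p", "").lower()
    if not policy and "rua" in tags:
        policy = "none"  # RFC 7489 s6.6.3: missing p= with a valid rua= is treated as p=none
    if policy not in ("none", "quarantine", "reject"):
        return "invalid", "missing or unknown p= tag; record is unusable"
    if policy == "none":
        return "monitor", "p=none: failures are only reported, spoofed mail is still delivered"
    pct = int(tags.get("pct", "100"))  # pct defaults to 100 when absent
    if pct < 100:
        return "partial", f"p={policy} applied to only {pct}% of failing mail"
    return "enforcing", f"p={policy} applied to all failing mail"


if __name__ == "__main__":
    for domain, records in SAMPLE_RECORDS.items():
        print(f"{domain:22} {assess(records)[0]:10} {assess(records)[1]}")
```

Feed the function the quoted strings from a real `dig +short TXT _dmarc.<domain>` run to rate a live domain; anything other than `enforcing` is worth a ticket, though `missing` is the only case matching the report above.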