Post · bonfire.cafe

#NerdTalk Wow. A multi-step, sophisticated way of spoofing emails that pass SPF, DKIM, DMARC. Hardcore.

"And most importantly, the key trick is that you can put anything you want in the App Name field in Google"

Le sigh. That's where they put the email text. In the App Name field. Google can fix this by sanitising input better.

@jwildeboer@social.wildeboer.net replied · 3 months ago

I would really like to see the full set of headers from this mail. I wrote a while ago how I analyse headers to check for suspicious things. https://jan.wildeboer.net/2022/09/E-Mail-Headers/

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

Automatic federation enabled