New e-mail anti-spoofing protocol built on SPF

I've always wondered what best practices should be applied when handling DKIM mail, and started considering manual verification and domain based whitelisting. I welcome the draft that is emerging to offer a standard framework for just these questions.

News entry: new anti-spoofing protocol built on SPF - DMARC

Comments

Post a Comment

Popular posts from this blog

Hidden TFTP of TP-Link routers

I did some more investigation after the positive results with the TL-WR740Nv4  (click the link to get introduced to the way of recovery). Most users report that devices and firmware updates released after a point in time usually have this mode enabled. If a firmware update is available from the vendor for your device, it's a good idea to apply that update before installing OpenWRT or dd-wrt UNLESS you own something for which upgrading will ensure incompatible with OpenWrt, like a TL-WR730N , and possible some other models (please report). Note that some old models have newer updates in different languages, those may also be worth a try ( TODO : compatibility?). Also remember that later on, tftp recovery will need a type of firmware image without a boot loader, so strip it with dd if yours has it ( grep U-Boot , or check the filename). Positive reported claims so far (personal results highlighted): TL-WDR4300 router 192.168.0.86 server 192.168.0.66 query wdr4300v1_tp_...
Read more

Tftp secret of TL-WR740N uncovered

I've found out that even this particular entry level router supports anti-bricking, so there's no need for soldering, unless of course you are modding. The method I used is the following: Set up a tftp server  on your PC and verify if it works correctly (configuration, permissions, firewalls, etc.) Rename your target firmware to wr740v4_tp_recovery.bin and copy it to your base folder (by default /tftpboot). I tested with openwrt-ar71xx-generic-tl-wr740n-v4-squashfs-factory.bin r43602. Set up the following static IP for your PC: 192.168.0.66 /255.255.255.0. If you're not sure about the firmware name on a different model, start a packet sniffer on your PC ( tcpdump -i eth0 -n -l ) and look for the name in the RRQ message. Preferably disconnect WAN from the router Connect the PC to a LAN port Power off the router Press and hold the reset button Power on the router After the leftmost (power) LED and the rightmost (padlock) LED turn on alone in a few seconds, release...
Read more

When both Google *and* AppStatus is down

Here is a link where you could theoretically monitor Google outages: https://www.google.com/appsstatus#hl=en&v=status I had a problem with Google services just recently. However, as I wanted to verify whether the problem is on my side, this monitoring site was down as well. At the same time, the third party reports on alternative sites started to grow: http://outage.report/google http://downdetector.com/status/google http://aussieoutages.com/status/google This highlights why we should not put all our eggs into the same basket.
Read more