ZW3B :-:
infos
usr



Prevent spoofing and phishing with DMARC (Domain-based Message Authentication, Report...




Site user blocks : Account info / user rights / summary

Prevent spoofing and phishing with DMARC

DMARC is a technical specification created by a group of organizations that want to help reduce the misuse of emails, such as spam, phishing, by providing a solution for deploying and monitoring problems related to their authentication.

This technology has been standardized by the Internet Engineering Task Force (IETF) in the RFC 7489.

DMARC standardizes how recipients (in the sense of recipient MTAs) perform email authentication using the Sender Policy Framework and DomainKeys Identified Mail mechanisms. This means that the sender (in the sense of a sending MTA) will receive the results of the authentication of its messages by any recipient that implements DMARC.

Domain-based Message Authentication, Reporting, and Conformance

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a standard email authentication method. DMARC allows email administrators to prevent hackers from impersonating their organization and domain. Spoofing is a type of attack in which the address in the From field of an email is spoofed. A spoofing message appears to come from the spoofed organization or domain.

DMARC also lets you request reports from mail servers that receive mail from your organization or domain. These reports contain information to help you identify possible authentication issues and malicious activity related to messages sent from your domain.

DMARC prevents spoofing and phishing

Spammers can spoof your domain or organization to send fraudulent messages that impersonate your organization. DMARC tells mail servers what action to take when they receive a message that appears to come from your organization, but does not pass authentication checks or does not meet the authentication criteria of your DMARC rule record. Messages that aren't authenticated can impersonate your organization or be sent from unauthorized servers.

DMARC is always used with the following two authentication methods or controls:

  • The Sender Policy Framework (SPF) protocol allows the domain owner to authorize IP addresses to send email for the domain. Receiving servers can verify that messages from a specific domain are sent from servers authorized by the domain owner.
  • DKIM (Domain Keys Identified Mail) adds a digital signature to every message sent. Receiving servers use this signature to verify that messages are authentic and have not been tampered with or altered during sending.
Information DMARC:

Compliance DMARC : SPF + DKIM which allows us to know who (which domain, which IP address) is usurping our identity (our domain name) and validate our messages/domains/IP address.
DMARC Reports files Analyser

HTML (PHP) table for viewing compliance reports DMARC. Analyze the DMARC reports sent by the mail servers receiving your couriers.

SH script to unzip/store ZIP/GZ DMARC files
Retrieve the analyzes of our DMARC reports from your servers.

API JSON RESTful to analyze mail servers spoofing our mail domain names.

Use the API "ZW3B Api Client" :
Information for using our API "ZW3B Api Client".

DMARC Reports +

Emails Reports - Conformance DMARC DKIM SPF
  • Mail server : mail.zw3b.net
    • SPF authorized : 158.69.126.137 2607:5300:60:9389:17:4:0:1

Destination ReportsSender DomainDMARConformanceSPFDKIM

aol.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1664(...)14862022-09-25 01:59:59158.69.126.1374210100%1010110101
1663(...)46932022-09-21 01:59:59158.69.126.1377110100%1010110101
1663(...)39002022-09-17 01:59:59158.69.126.1373010100%1010110101
1663(...)39142022-09-14 01:59:59158.69.126.13720150%10101nullnullnullnull0
1663(...)39142022-09-14 01:59:59158.69.126.1375810100%1010110101
1662(...)04252022-09-12 01:59:59158.69.126.13710150%10101nullnullnullnull0
1662(...)04252022-09-12 01:59:59158.69.126.1371210100%1010110101
1662(...)89072022-09-10 01:59:59158.69.126.137410100%1010110101
1662(...)91182022-09-02 01:59:59158.69.126.13750150%10101nullnullnullnull0
1662(...)91182022-09-02 01:59:59158.69.126.1375110100%1010110101
1661(...)61792022-09-01 01:59:59158.69.126.13760150%10101nullnullnullnull0
1661(...)61792022-09-01 01:59:59158.69.126.1373310100%1010110101
1662(...)69242022-09-03 01:59:59158.69.126.13730150%10101nullnullnullnull0
1662(...)69242022-09-03 01:59:59158.69.126.1372410100%1010110101
1662(...)63952022-09-11 01:59:59158.69.126.137410100%1010110101
1663(...)54332022-09-13 01:59:59158.69.126.13710150%10101nullnullnullnull0
1663(...)54332022-09-13 01:59:59158.69.126.1374310100%1010110101
1663(...)78672022-09-15 01:59:59158.69.126.13710410100%1010110101
1663(...)51622022-09-19 01:59:59158.69.126.1374410100%1010110101
1663(...)67482022-09-23 01:59:59158.69.126.1376510100%1010110101
Recipient mail server statistics aol.com for the domain w1a.zw3b.net
  • Past emails : 585
  • Error emails : 18
  • Total emails sent : 603
Destination ReportsSender DomainDMARConformanceSPFDKIM

bellsouth.net

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1662(...)67722022-09-11 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics bellsouth.net for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Destination ReportsSender DomainDMARConformanceSPFDKIM

google.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1699(...)46952022-09-25 01:59:59104.248.224.17010150%1001010101
1699(...)46952022-09-25 01:59:5991.216.107.3710150%1001010101
1699(...)46952022-09-25 01:59:59109.234.163.1820150%0101010101
1699(...)46952022-09-25 01:59:59212.227.17.1310150%1001010101
1699(...)46952022-09-25 01:59:59217.72.192.7510150%1001010101
1699(...)46952022-09-25 01:59:5991.194.100.421010%0101001010
1699(...)46952022-09-25 01:59:59188.130.25.14410150%0101010101
1699(...)46952022-09-25 01:59:59158.69.126.13735010100%1010110101
1596(...)19342022-09-19 01:59:5946.105.42.10510150%0101010101
1596(...)19342022-09-19 01:59:59104.248.224.17010150%1001010101
1596(...)19342022-09-19 01:59:59158.69.126.13722110100%1010110101
1596(...)19342022-09-19 01:59:59109.234.163.1820150%0101010101
4086(...)39212022-09-17 01:59:5982.165.159.4010150%1001010101
4086(...)39212022-09-17 01:59:59158.69.126.13715410100%1010110101
4086(...)39212022-09-17 01:59:59138.197.213.18510150%1001010101
1147(...)48292022-09-11 01:59:59212.227.126.13110150%1001010101
1147(...)48292022-09-11 01:59:5991.109.120.2910150%1001010101
1147(...)48292022-09-11 01:59:59217.70.178.23210150%0101010101
1147(...)48292022-09-11 01:59:5982.165.159.4210150%1001010101
1147(...)48292022-09-11 01:59:59188.130.25.14710150%0101010101
1147(...)48292022-09-11 01:59:5991.216.107.3710150%1001010101
1147(...)48292022-09-11 01:59:59109.234.163.1820150%0101010101
1147(...)48292022-09-11 01:59:59104.248.224.17010150%1001010101
1147(...)48292022-09-11 01:59:595.39.4.21010%10010nullnullnullnull0
1147(...)48292022-09-11 01:59:59212.227.126.13310150%1001010101
1147(...)48292022-09-11 01:59:59217.70.183.19710150%0101010101
1147(...)48292022-09-11 01:59:59158.69.126.13719510100%1010110101
1147(...)48292022-09-11 01:59:592607:5300:60:9389:17:4:0:117510100%1010110101
1494(...)61612022-09-10 01:59:59158.69.126.1375610100%1010110101
1494(...)61612022-09-10 01:59:592607:5300:60:9389:17:4:0:17310100%1010110101
1062(...)00692022-09-12 01:59:59178.33.104.12010150%0101010101
1062(...)00692022-09-12 01:59:59104.248.224.17010150%1001010101
1062(...)00692022-09-12 01:59:59138.197.213.18510150%1001010101
1062(...)00692022-09-12 01:59:592607:5300:60:9389:17:4:0:112110100%1010110101
1062(...)00692022-09-12 01:59:5991.194.100.421010%0101001010
1062(...)00692022-09-12 01:59:59158.69.126.13712610100%1010110101
1373(...)21332022-09-18 01:59:59188.130.25.14710150%0101010101
1373(...)21332022-09-18 01:59:5991.109.120.2910150%1001010101
1373(...)21332022-09-18 01:59:59217.72.192.7510150%1001010101
1373(...)21332022-09-18 01:59:595.39.4.21010%10010nullnullnullnull0
1373(...)21332022-09-18 01:59:59104.248.224.17010150%1001010101
1373(...)21332022-09-18 01:59:5991.194.100.421010%0101001010
1373(...)21332022-09-18 01:59:59217.70.178.23010150%0101010101
1373(...)21332022-09-18 01:59:59217.70.183.19610150%0101010101
1373(...)21332022-09-18 01:59:59158.69.126.13737110100%1010110101
1373(...)21332022-09-18 01:59:5991.216.107.3710150%1001010101
1373(...)21332022-09-18 01:59:59212.227.17.2410150%1001010101
1459(...)16252022-09-24 01:59:59138.197.213.18510150%1001010101
1459(...)16252022-09-24 01:59:592001:4b98:dc4:8::22310150%0101010101
1459(...)16252022-09-24 01:59:592001:4b98:dc4:8::22110150%0101010101
1459(...)16252022-09-24 01:59:59178.33.254.19210150%0101010101
1459(...)16252022-09-24 01:59:59158.69.126.13714410100%1010110101
Recipient mail server statistics google.com for the domain w1a.zw3b.net
  • Past emails : 1,986
  • Error emails : 44
  • Total emails sent : 2,030
Destination ReportsSender DomainDMARConformanceSPFDKIM

infomaniak.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
w1a.(...)76022022-09-25 00:00:00158.69.126.137110100%10101nullnullnullnull1
w1a.(...)76022022-09-25 00:00:00158.69.126.137110100%10101nullnullnullnull1
w1a.(...)28022022-09-18 00:00:00158.69.126.137110100%10101nullnullnullnull1
w1a.(...)28022022-09-18 00:00:00158.69.126.137110100%10101nullnullnullnull1
w1a.(...)28022022-09-18 00:00:00158.69.126.137110100%10101nullnullnullnull1
w1a.(...)80012022-09-11 00:00:002607:5300:60:9389:17:4:0:1110100%10101nullnullnullnull1
w1a.(...)44012022-09-12 00:00:002607:5300:60:9389:17:4:0:1110100%10101nullnullnullnull1
w1a.(...)44012022-09-12 00:00:00158.69.126.137110100%10101nullnullnullnull1
w1a.(...)92012022-09-19 00:00:00158.69.126.137110100%10101nullnullnullnull1
Recipient mail server statistics infomaniak.com for the domain w1a.zw3b.net
  • Past emails : 9
  • Error emails : 0
  • Total emails sent : 9
Destination ReportsSender DomainDMARConformanceSPFDKIM

netscape.net

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1662(...)39292022-09-12 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics netscape.net for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Destination ReportsSender DomainDMARConformanceSPFDKIM

seznam.cz

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
szn_(...)9-172022-09-18 02:00:00158.69.126.137110100%1010110101
Recipient mail server statistics seznam.cz for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.ca

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1663(...)51572022-09-21 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.ca for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.co.uk

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1663(...)84702022-09-17 01:59:59158.69.126.137110100%1010110101
1662(...)68832022-09-11 01:59:5951.15.151.2210150%1001010101
1661(...)13682022-09-01 01:59:59158.69.126.13710150%10101nullnullnullnull0
1663(...)96382022-09-13 01:59:59158.69.126.13710150%10101nullnullnullnull0
1663(...)96382022-09-13 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.co.uk for the domain w1a.zw3b.net
  • Past emails : 2
  • Error emails : 3
  • Total emails sent : 5
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1664(...)23432022-09-25 01:59:59158.69.126.137810100%1010110101
1663(...)53412022-09-21 01:59:59158.69.126.1371610100%1010110101
1663(...)91212022-09-17 01:59:59158.69.126.137210100%1010110101
1663(...)60952022-09-14 01:59:59158.69.126.1371110100%1010110101
1662(...)42392022-09-12 01:59:59158.69.126.137210100%1010110101
1662(...)25502022-09-03 01:59:59158.69.126.137410100%1010110101
1661(...)14432022-09-01 01:59:59158.69.126.13710150%10101nullnullnullnull0
1661(...)14432022-09-01 01:59:59158.69.126.137510100%1010110101
1662(...)68582022-09-02 01:59:59158.69.126.13710150%10101nullnullnullnull0
1662(...)68582022-09-02 01:59:59158.69.126.137210100%1010110101
1662(...)69932022-09-11 01:59:59158.69.126.137110100%1010110101
1663(...)98732022-09-13 01:59:59158.69.126.1371510100%1010110101
1663(...)56192022-09-15 01:59:59158.69.126.1371010100%1010110101
1663(...)17522022-09-19 01:59:59158.69.126.137810100%1010110101
1663(...)01182022-09-23 01:59:59158.69.126.137810100%1010110101
Recipient mail server statistics yahoo.com for the domain w1a.zw3b.net
  • Past emails : 92
  • Error emails : 2
  • Total emails sent : 94
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.de

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1663(...)18102022-09-23 01:59:59158.69.126.137110100%1010110101
1663(...)94632022-09-17 01:59:59158.69.126.137210100%1010110101
1663(...)88412022-09-14 01:59:59158.69.126.137110100%1010110101
1663(...)77092022-09-21 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.de for the domain w1a.zw3b.net
  • Past emails : 5
  • Error emails : 0
  • Total emails sent : 5
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.es

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1663(...)91452022-09-14 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.es for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.fr

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1664(...)42122022-09-25 01:59:59158.69.126.13720150%10101nullnullnullnull0
1664(...)42122022-09-25 01:59:59158.69.126.1377310100%1010110101
1663(...)79202022-09-21 01:59:59158.69.126.13710410100%1010110101
1663(...)98062022-09-17 01:59:59158.69.126.13710510100%1010110101
1663(...)95142022-09-14 01:59:59158.69.126.1376410100%1010110101
1662(...)50412022-09-12 01:59:59158.69.126.137100150%10101nullnullnullnull0
1662(...)50412022-09-12 01:59:59158.69.126.1371810100%1010110101
1662(...)98242022-09-10 01:59:59158.69.126.137910100%1010110101
1662(...)72552022-09-02 01:59:59158.69.126.13780150%10101nullnullnullnull0
1662(...)72552022-09-02 01:59:59158.69.126.1371610100%1010110101
1661(...)22802022-09-01 01:59:59158.69.126.137120150%10101nullnullnullnull0
1661(...)22802022-09-01 01:59:59158.69.126.1372910100%1010110101
1662(...)33982022-09-03 01:59:59158.69.126.137110150%10101nullnullnullnull0
1662(...)33982022-09-03 01:59:59158.69.126.1372910100%1010110101
1662(...)70842022-09-11 01:59:59158.69.126.13760150%10101nullnullnullnull0
1662(...)70842022-09-11 01:59:59158.69.126.1373110100%1010110101
1663(...)12812022-09-13 01:59:59158.69.126.13750150%10101nullnullnullnull0
1663(...)12812022-09-13 01:59:59158.69.126.1373610100%1010110101
1663(...)63422022-09-15 01:59:59158.69.126.13710150%10101nullnullnullnull0
1663(...)63422022-09-15 01:59:59158.69.126.1378010100%1010110101
1663(...)28582022-09-19 01:59:59158.69.126.13710150%10101nullnullnullnull0
1663(...)28582022-09-19 01:59:59158.69.126.1376310100%1010110101
1663(...)20852022-09-23 01:59:59158.69.126.13711210100%1010110101
Recipient mail server statistics yahoo.fr for the domain w1a.zw3b.net
  • Past emails : 769
  • Error emails : 56
  • Total emails sent : 825
Destination ReportsSender DomainDMARConformanceSPFDKIM

ymail.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1663(...)57052022-09-23 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics ymail.com for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Global statistics of the month (JSON file)

  • E-mails sent : 3,577
  • E-mails past : 3,454
  • E-mails errors : 78

DMARC statistics on spoofing servers :

  1. Address IP sender : 109.234.163.18 corbeau.smtp.jabatus.fr. (6 emails sent unauthorized)
  2. Address IP sender : 104.248.224.170 mx2.forwardemail.net. (5 emails sent unauthorized)
  3. Address IP sender : 91.216.107.37 mail20.lwspanel.com. (3 emails sent unauthorized)
  4. Address IP sender : 91.194.100.42 mail3.novius.net. (3 emails sent unauthorized)
  5. Address IP sender : 138.197.213.185 mx1.forwardemail.net. (3 emails sent unauthorized)
  6. Address IP sender : 217.72.192.75 mout.kundenserver.de. (2 emails sent unauthorized)
  7. Address IP sender : 5.39.4.2 mail.espci.org. (2 emails sent unauthorized)
  8. Address IP sender : 188.130.25.147 smtpout7.phpnet.org. (2 emails sent unauthorized)
  9. Address IP sender : 91.109.120.29 smtp2.netanswer.fr. (2 emails sent unauthorized)
  10. Address IP sender : 212.227.17.13 mout.kundenserver.de. (1 emails sent unauthorized)
  11. Address IP sender : 188.130.25.144 smtpout4.phpnet.org. (1 emails sent unauthorized)
  12. Address IP sender : 46.105.42.105 6.mo554.mail-out.ovh.net. (1 emails sent unauthorized)
  13. Address IP sender : 212.227.126.131 mout.kundenserver.de. (1 emails sent unauthorized)
  14. Address IP sender : 82.165.159.40 mout-xforward.gmx.net. (1 emails sent unauthorized)
  15. Address IP sender : 217.70.178.232 relay12.mail.gandi.net. (1 emails sent unauthorized)
  16. Address IP sender : 212.227.126.133 mout.kundenserver.de. (1 emails sent unauthorized)
  17. Address IP sender : 217.70.183.197 relay5-d.mail.gandi.net. (1 emails sent unauthorized)
  18. Address IP sender : 178.33.104.120 15.mo551.mail-out.ovh.net. (1 emails sent unauthorized)
  19. Address IP sender : 217.70.178.230 relay10.mail.gandi.net. (1 emails sent unauthorized)
  20. Address IP sender : 217.70.183.196 relay4-d.mail.gandi.net. (1 emails sent unauthorized)
  21. Address IP sender : 212.227.17.24 mout.kundenserver.de. (1 emails sent unauthorized)
  22. Address IP sender : 2001:4b98:dc4:8::223 relay3-d.mail.gandi.net. (1 emails sent unauthorized)
  23. Address IP sender : 2001:4b98:dc4:8::221 relay1-d.mail.gandi.net. (1 emails sent unauthorized)
  24. Address IP sender : 178.33.254.192 3.mo552.mail-out.ovh.net. (1 emails sent unauthorized)
  25. Address IP sender : 82.165.159.42 mout-xforward.gmx.net. (1 emails sent unauthorized)
  26. Address IP sender : 51.15.151.22 19.znix-out.gorgu.net. (1 emails sent unauthorized)

  • Mail sender servers unauthorized : 26
  • E-mails unauthorized : 45

And above all, could a competent authority verify the IP addresses of usurpers ? Should I add "and sanction them" or am I to do it ? Thank you !

Supports DMARC:





Welcome !

Author of the section

ZW3B

ZW3B

  • Firstname : The Web
  • Lastname : : Master
  • Arrived on tuesday 09 august 2011 (2011/08/09 00:00)
    11 years activity !