ZW3B :-:
infos
usr

Prevent spoofing and phishing with DMARC (Domain-based Message Authentication, Report...

Site user blocks : Account info / user rights / summary

DMARC Reports

Prevent spoofing and phishing with DMARC

DMARC is a technical specification created by a group of organizations that want to help reduce the misuse of emails, such as spam, phishing, by providing a solution for deploying and monitoring problems related to their authentication.

This technology has been standardized by the Internet Engineering Task Force (IETF) in the RFC 7489.

DMARC standardizes how recipients (in the sense of recipient MTAs) perform email authentication using the Sender Policy Framework and DomainKeys Identified Mail mechanisms. This means that the sender (in the sense of a sending MTA) will receive the results of the authentication of its messages by any recipient that implements DMARC.

Domain-based Message Authentication, Reporting, and Conformance

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a standard email authentication method. DMARC allows email administrators to prevent hackers from impersonating their organization and domain. Spoofing is a type of attack in which the address in the From field of an email is spoofed. A spoofing message appears to come from the spoofed organization or domain.

DMARC also lets you request reports from mail servers that receive mail from your organization or domain. These reports contain information to help you identify possible authentication issues and malicious activity related to messages sent from your domain.

DMARC prevents spoofing and phishing

Spammers can spoof your domain or organization to send fraudulent messages that impersonate your organization. DMARC tells mail servers what action to take when they receive a message that appears to come from your organization, but does not pass authentication checks or does not meet the authentication criteria of your DMARC rule record. Messages that aren't authenticated can impersonate your organization or be sent from unauthorized servers.

DMARC is always used with the following two authentication methods or controls:

  • The Sender Policy Framework (SPF) protocol allows the domain owner to authorize IP addresses to send email for the domain. Receiving servers can verify that messages from a specific domain are sent from servers authorized by the domain owner.
  • DKIM (Domain Keys Identified Mail) adds a digital signature to every message sent. Receiving servers use this signature to verify that messages are authentic and have not been tampered with or altered during sending.
Information DMARC:

About DMARC+

Compliance DMARC : SPF + DKIM which allows us to know who (which domain, which IP address) is usurping our identity (our domain name) and validate our messages/domains/IP address.
DMARC Reports files Analyser

HTML (PHP) table for viewing compliance reports DMARC. Analyze the DMARC reports sent by the mail servers receiving your couriers.

SH script to unzip/store ZIP/GZ DMARC files
Retrieve the analyzes of our DMARC reports from your servers.

API JSON RESTful to analyze mail servers spoofing our mail domain names.

Use the API "ZW3B Api Client" :
Information for using our API "ZW3B Api Client".

DMARC Reports +

Emails Reports - Conformance DMARC DKIM SPF
  • Sender Mail server : mail.zw3b.net
    • SPF authorized : 158.69.126.137 2607:5300:60:9389:17:4:0:1

Destination ReportsSender DomainDMARConformanceSPFDKIM

aol.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1686(...)07552023-06-06 01:59:59158.69.126.1375710100%1010110101
1686(...)07552023-06-06 01:59:59158.69.126.137210100%10101nullnull001
1685(...)71692023-06-04 01:59:59158.69.126.1375810100%1010110101
1685(...)71692023-06-04 01:59:59158.69.126.137510100%10101nullnull001
1685(...)99042023-06-02 01:59:59158.69.126.137410100%1010110101
1685(...)21812023-06-01 01:59:59158.69.126.137110100%1010110101
1685(...)86122023-06-03 01:59:59158.69.126.1371210100%1010110101
1685(...)20962023-06-05 01:59:59158.69.126.1375410100%1010110101
1685(...)20962023-06-05 01:59:59158.69.126.137410100%10101nullnull001
Recipient mail server statistics aol.com for the domain w1a.zw3b.net
  • Past emails : 197
  • Error emails : 0
  • Total emails sent : 197
Destination ReportsSender DomainDMARConformanceSPFDKIM

bellsouth.net

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1685(...)65112023-06-04 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics bellsouth.net for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Destination ReportsSender DomainDMARConformanceSPFDKIM

enterprise.protection.outlook.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
7298(...)034c2023-06-05 02:00:00158.69.126.13720150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.17.1691010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.17.1751010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.17.1121010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13720150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13720150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.13.501010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.1.561010%0101001010
7298(...)034c2023-06-05 02:00:00104.47.13.551010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13720150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.0.581010%0101001010
7298(...)034c2023-06-05 02:00:00104.47.14.561010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.18.1041010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13720150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.18.1061010%0101001010
7298(...)034c2023-06-05 02:00:00104.47.14.531010%0101001010
7298(...)034c2023-06-05 02:00:00104.47.11.1111010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.11.2411010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13720150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.1.551010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00104.47.0.541010%0101001010
7298(...)034c2023-06-05 02:00:00104.47.30.1051010%0101001010
7298(...)034c2023-06-05 02:00:00104.47.12.561010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:0062.204.63.2081010%0101001010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
7298(...)034c2023-06-05 02:00:00158.69.126.13710150%1010101010
Recipient mail server statistics enterprise.protection.outlook.com for the domain w1a.zw3b.net
  • Past emails : 0
  • Error emails : 56
  • Total emails sent : 56
Destination ReportsSender DomainDMARConformanceSPFDKIM

google.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
3670(...)63422023-06-05 01:59:5982.165.159.4010150%1001010101
3670(...)63422023-06-05 01:59:59158.69.126.13710010100%1010110101
3670(...)63422023-06-05 01:59:5993.17.128.21710150%0101010101
3670(...)63422023-06-05 01:59:5980.12.242.1710150%1001010101
3670(...)63422023-06-05 01:59:592607:5300:60:9389:17:4:0:18310100%1010110101
6006(...)31522023-06-03 01:59:5980.12.242.2410150%1001010101
6006(...)31522023-06-03 01:59:5946.105.59.14510150%0101010101
6006(...)31522023-06-03 01:59:59158.69.126.1378010100%1010110101
6006(...)31522023-06-03 01:59:592607:5300:60:9389:17:4:0:17910100%1010110101
1145(...)60852023-06-04 01:59:5980.12.242.2110150%1001010101
1145(...)60852023-06-04 01:59:5980.12.242.1510150%1001010101
1145(...)60852023-06-04 01:59:5980.12.242.2010150%1001010101
1145(...)60852023-06-04 01:59:59212.227.126.13010150%1001010101
1145(...)60852023-06-04 01:59:59158.69.126.13719510100%1010110101
1145(...)60852023-06-04 01:59:5980.12.242.2310150%1001010101
1145(...)60852023-06-04 01:59:59217.70.178.23310150%1001010101
1145(...)60852023-06-04 01:59:5980.12.242.2510150%1001010101
1145(...)60852023-06-04 01:59:5991.216.107.3710150%0101010101
1145(...)60852023-06-04 01:59:59212.227.126.13510150%1001010101
1145(...)60852023-06-04 01:59:5980.12.242.3010150%1001010101
1145(...)60852023-06-04 01:59:5991.109.120.2910150%1001010101
1145(...)60852023-06-04 01:59:59217.70.178.23410150%1001010101
1145(...)60852023-06-04 01:59:5980.12.242.1810150%1001010101
1145(...)60852023-06-04 01:59:592607:5300:60:9389:17:4:0:120510100%1010110101
1145(...)60852023-06-04 01:59:5991.194.100.421010%0101001010
1145(...)60852023-06-04 01:59:595.39.4.21010%10010nullnullnullnull0
1145(...)60852023-06-04 01:59:59188.130.25.14910150%0101010101
1145(...)60852023-06-04 01:59:5924.41.67.4210150%0101010101
1145(...)60852023-06-04 01:59:59109.234.163.1820150%0101010101
1145(...)60852023-06-04 01:59:5980.12.242.2210150%1001010101
Recipient mail server statistics google.com for the domain w1a.zw3b.net
  • Past emails : 742
  • Error emails : 25
  • Total emails sent : 767
Destination ReportsSender DomainDMARConformanceSPFDKIM

infomaniak.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
w1a.(...)68012023-06-05 00:00:002607:5300:60:9389:17:4:0:1110100%10101nullnullnullnull1
w1a.(...)68012023-06-05 00:00:002607:5300:60:9389:17:4:0:1110100%10101nullnullnullnull1
w1a.(...)04012023-06-04 00:00:00158.69.126.137110100%10101nullnullnullnull1
Recipient mail server statistics infomaniak.com for the domain w1a.zw3b.net
  • Past emails : 3
  • Error emails : 0
  • Total emails sent : 3
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.ca

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1686(...)52852023-06-06 01:59:59158.69.126.137310100%1010110101
1685(...)66972023-06-04 01:59:59158.69.126.137110100%1010110101
1685(...)09092023-06-05 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.ca for the domain w1a.zw3b.net
  • Past emails : 5
  • Error emails : 0
  • Total emails sent : 5
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.co.uk

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1686(...)60912023-06-06 01:59:59158.69.126.137310100%1010110101
1685(...)68802023-06-04 01:59:5951.15.151.2210150%1001010101
1685(...)10972023-06-05 01:59:59158.69.126.137210100%1010110101
Recipient mail server statistics yahoo.co.uk for the domain w1a.zw3b.net
  • Past emails : 5
  • Error emails : 1
  • Total emails sent : 6
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.com

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1686(...)68732023-06-06 01:59:59158.69.126.1372910100%1010110101
1686(...)68732023-06-06 01:59:59158.69.126.137210100%10101nullnull001
1685(...)70742023-06-04 01:59:59158.69.126.1371210100%1010110101
1685(...)12492023-06-03 01:59:59158.69.126.137210100%1010110101
1685(...)14432023-06-05 01:59:59158.69.126.1372410100%1010110101
1685(...)14432023-06-05 01:59:59158.69.126.137210100%10101nullnull001
Recipient mail server statistics yahoo.com for the domain w1a.zw3b.net
  • Past emails : 71
  • Error emails : 0
  • Total emails sent : 71
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.de

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1686(...)45322023-06-06 01:59:59158.69.126.137110100%1010110101
1685(...)88782023-06-04 01:59:59158.69.126.137110100%1010110101
1685(...)23942023-06-01 01:59:59158.69.126.137210100%1010110101
1685(...)54422023-06-05 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.de for the domain w1a.zw3b.net
  • Past emails : 5
  • Error emails : 0
  • Total emails sent : 5
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.fr

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1686(...)52962023-06-06 01:59:59158.69.126.13711010100%1010110101
1685(...)90732023-06-04 01:59:59158.69.126.13715110100%1010110101
1685(...)90732023-06-04 01:59:59158.69.126.137210100%10101nullnull001
1685(...)05382023-06-02 01:59:59158.69.126.13711710100%1010110101
1685(...)27432023-06-01 01:59:59158.69.126.13712310100%1010110101
1685(...)17082023-06-03 01:59:59158.69.126.1375710100%1010110101
1685(...)56702023-06-05 01:59:59158.69.126.13710510100%1010110101
1685(...)56702023-06-05 01:59:59158.69.126.137210100%10101nullnull001
Recipient mail server statistics yahoo.fr for the domain w1a.zw3b.net
  • Past emails : 667
  • Error emails : 0
  • Total emails sent : 667
Destination ReportsSender DomainDMARConformanceSPFDKIM

yahoo.ie

w1a.zw3b.net

 Auth.Align.Poli.Auth.Align.Poli.
Report IDDateIp AddressEmail VolumePassFailRatePassFailPassFailPassPassFailPassFailPass
1685(...)47652023-06-03 01:59:59158.69.126.137110100%1010110101
Recipient mail server statistics yahoo.ie for the domain w1a.zw3b.net
  • Past emails : 1
  • Error emails : 0
  • Total emails sent : 1
Global statistics of the month (JSON file)

  • E-mails sent : 1,779
  • E-mails past : 1,697
  • E-mails errors : 38

DMARC statistics on spoofing servers :

  1. Address IP sender : 109.234.163.18 corbeau.smtp.jabatus.fr. (2 emails sent unauthorized)
  2. Address IP sender : 82.165.159.40 mout-xforward.gmx.net. (1 emails sent unauthorized)
  3. Address IP sender : 62.204.63.208 degpfptppapav41.pwc.com. (1 emails sent unauthorized)
  4. Address IP sender : 104.47.12.56 mail-db3eur04lp2056.outbound.protection.outlook.com. (1 emails sent unauthorized)
  5. Address IP sender : 104.47.30.105 mail-vi1eur03lp2105.outbound.protection.outlook.com. (1 emails sent unauthorized)
  6. Address IP sender : 104.47.0.54 mail-he1eur01lp2054.outbound.protection.outlook.com. (1 emails sent unauthorized)
  7. Address IP sender : 104.47.1.55 mail-ve1eur01lp2055.outbound.protection.outlook.com. (1 emails sent unauthorized)
  8. Address IP sender : 104.47.11.241 mail-am0eur02lp2241.outbound.protection.outlook.com. (1 emails sent unauthorized)
  9. Address IP sender : 104.47.11.111 mail-db5eur02lp2111.outbound.protection.outlook.com. (1 emails sent unauthorized)
  10. Address IP sender : 104.47.14.53 mail-vi1eur04lp2053.outbound.protection.outlook.com. (1 emails sent unauthorized)
  11. Address IP sender : 104.47.18.106 mail-am6eur05lp2106.outbound.protection.outlook.com. (1 emails sent unauthorized)
  12. Address IP sender : 104.47.18.104 mail-am6eur05lp2104.outbound.protection.outlook.com. (1 emails sent unauthorized)
  13. Address IP sender : 104.47.14.56 mail-vi1eur04lp2056.outbound.protection.outlook.com. (1 emails sent unauthorized)
  14. Address IP sender : 104.47.0.58 mail-he1eur01lp2058.outbound.protection.outlook.com. (1 emails sent unauthorized)
  15. Address IP sender : 104.47.13.55 mail-he1eur04lp2055.outbound.protection.outlook.com. (1 emails sent unauthorized)
  16. Address IP sender : 104.47.1.56 mail-ve1eur01lp2056.outbound.protection.outlook.com. (1 emails sent unauthorized)
  17. Address IP sender : 104.47.13.50 mail-he1eur04lp2050.outbound.protection.outlook.com. (1 emails sent unauthorized)
  18. Address IP sender : 104.47.17.112 mail-db8eur05lp2112.outbound.protection.outlook.com. (1 emails sent unauthorized)
  19. Address IP sender : 104.47.17.175 mail-vi1eur05lp2175.outbound.protection.outlook.com. (1 emails sent unauthorized)
  20. Address IP sender : 93.17.128.217 smtp26.services.sfr.fr. (1 emails sent unauthorized)
  21. Address IP sender : 80.12.242.17 smtp-17.smtpout.orange.fr. (1 emails sent unauthorized)
  22. Address IP sender : 80.12.242.24 smtp-24.smtpout.orange.fr. (1 emails sent unauthorized)
  23. Address IP sender : 46.105.59.145 25.mo556.mail-out.ovh.net. (1 emails sent unauthorized)
  24. Address IP sender : 80.12.242.22 smtp-22.smtpout.orange.fr. (1 emails sent unauthorized)
  25. Address IP sender : 24.41.67.42 smarth-prod2.sys.elnk.net. (1 emails sent unauthorized)
  26. Address IP sender : 188.130.25.149 smtpout9.phpnet.org. (1 emails sent unauthorized)
  27. Address IP sender : 5.39.4.2 mail.espci.org. (1 emails sent unauthorized)
  28. Address IP sender : 91.194.100.42 mail3.novius.net. (1 emails sent unauthorized)
  29. Address IP sender : 80.12.242.18 smtp-18.smtpout.orange.fr. (1 emails sent unauthorized)
  30. Address IP sender : 217.70.178.234 relay14.mail.gandi.net. (1 emails sent unauthorized)
  31. Address IP sender : 91.109.120.29 smtp2.netanswer.fr. (1 emails sent unauthorized)
  32. Address IP sender : 104.47.17.169 mail-vi1eur05lp2169.outbound.protection.outlook.com. (1 emails sent unauthorized)
  33. Address IP sender : 80.12.242.30 smtp-30.smtpout.orange.fr. (1 emails sent unauthorized)
  34. Address IP sender : 91.216.107.37 mail20.lwspanel.com. (1 emails sent unauthorized)
  35. Address IP sender : 80.12.242.25 smtp-25.smtpout.orange.fr. (1 emails sent unauthorized)
  36. Address IP sender : 217.70.178.233 relay13.mail.gandi.net. (1 emails sent unauthorized)
  37. Address IP sender : 80.12.242.23 smtp-23.smtpout.orange.fr. (1 emails sent unauthorized)
  38. Address IP sender : 212.227.126.130 mout.kundenserver.de. (1 emails sent unauthorized)
  39. Address IP sender : 80.12.242.20 smtp-20.smtpout.orange.fr. (1 emails sent unauthorized)
  40. Address IP sender : 80.12.242.15 smtp-15.smtpout.orange.fr. (1 emails sent unauthorized)
  41. Address IP sender : 80.12.242.21 smtp-21.smtpout.orange.fr. (1 emails sent unauthorized)
  42. Address IP sender : 212.227.126.135 mout.kundenserver.de. (1 emails sent unauthorized)
  43. Address IP sender : 51.15.151.22 19.znix-out.gorgu.net. (1 emails sent unauthorized)

  • Mail sender servers unauthorized : 43
  • E-mails unauthorized : 44

And above all, could a competent authority verify the IP addresses of usurpers ? Should I add "and sanction them" or am I to do it ? Thank you !

Supports DMARC:
Install "Mail-DMARC" protection on the mail server as security against non-domain compliant incoming (receiving) mail based on message authentication and good compliance :


If you want to install "Mail-DMARC Security and reporting" on your mail server, you can use this OpenSource solution (perl) which will allow you to secure your mailboxes from incoming messages not compliant DMARC.




Welcome !

Author of the section

ZW3B

ZW3B

  • Firstname : The Web
  • Lastname : : Master
  • Arrived on tuesday 09 august 2011 (2011/08/09 00:00)
    11 years activity !