You can use the command line (if comfortable) to spoof an email from a domain that has p=reject by sending it to your address (eg gerben.wie...@rna.nl). You can use From: u...@agari.com<mailto:u...@agari.com> (p=reject) if you like or any other domain with p=reject to spoof an email to your mail server. (eg chase.com). The spoofed email will fail SPF and DKIM and you should not receive a copy of the message in your inbox and your gateway that enforces DMARC should log or report the message was rejected.
Here’s a site that specifies how to use command line to spoof email https://dougvitale.wordpress.com/2011/12/31/send-spoofed-emails-with-telnet/ If you are not comfortable with command line there are online tools to spoof email. I’ve never used them so am hesitant to recommend… I’ve included two below from quick internet searches – but I cannot tell you how well they work. They are top 5 search engine results so I assume they are safe and reliable enough. Use at your own risk though if you aren’t comfortable with the command line. https://emkei.cz/ https://www.spoofbox.com/en/app/spoof-email pat From: dmarc-discuss <dmarc-discuss-boun...@dmarc.org> on behalf of "dmarc-discuss@dmarc.org" <dmarc-discuss@dmarc.org> Reply-To: Gerben Wierda <gerben.wie...@rna.nl> Date: Tuesday, January 7, 2020 at 1:20 PM To: Ken O'Driscoll <k...@wemonitoremail.com> Cc: "dmarc-discuss@dmarc.org" <dmarc-discuss@dmarc.org> Subject: Re: [dmarc-discuss] Testing DMARC Certainly, for received mail I can even just look in the headers. I am using rspamd as part of the mail setup, so maybe I can do something with rspamd logging. But the question is about reliably triggering a test where the mail server must reject. So reliably triggering so I can look at the logs to see what happens. E.g. a service that sends me a mail message but purposely from an IP that is not in the SPF record and/or a DKIM signature that is wrong and/or a DMARC situation where spf and skim do not match up. Something spammers would do. G On 7 Jan 2020, at 19:15, Ken O'Driscoll via dmarc-discuss <dmarc-discuss@dmarc.org<mailto:dmarc-discuss@dmarc.org>> wrote: On Tue, 2020-01-07 at 17:04 +0100, Gerben Wierda via dmarc-discuss wrote: But I would like to see if a message that comes from outside and that should be blocked because the owner of the domain has a policy p=reject. So, some sort of tester that is able to make me test how I react on incoming mail I should reject. Does something like that exist? Perhaps I misunderstand, but wouldn't your inbound email server logs tell you how DMARC is evaluated for inbound emails from domains which you do not control? Ken. _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org<mailto:dmarc-discuss@dmarc.org> http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
