In fact, I've gone and whipped something up: https://xnnd.com/dmarcbounce.cgi
Please don't use it for evil. I may yank it or rate limit it later. Suggestion of a domain to try to get a positive result: mail.ru Feedback welcome. Cheers, Al Iverson On Tue, Jan 7, 2020 at 6:22 PM Al Iverson <aiver...@wombatmail.com> wrote: > > It'd be easy enough to create a web tool to allow for this. Any > opinions about how we'd prevent it from being misused to annoy people? > I do see potential value in offering this. > > SWAKS, for example, is very easy to configure. Gerben, with your > permission, I could set up a one off demo that would attempt to send a > small number of emails to you with forged from addresses. > > To read more about SWAKS, go here: https://www.jetmore.org/john/code/swaks/ > > I use SWAKS internally at Salesforce to confirm mail server allowed > domain relay entries pretty much every day. > > Cheers, > Al Iverson > > On Tue, Jan 7, 2020 at 6:18 PM Patrick Peterson via dmarc-discuss > <dmarc-discuss@dmarc.org> wrote: > > > > You can use the command line (if comfortable) to spoof an email from a > > domain that has p=reject by sending it to your address (eg > > gerben.wie...@rna.nl). You can use From: u...@agari.com (p=reject) if you > > like or any other domain with p=reject to spoof an email to your mail > > server. (eg chase.com). The spoofed email will fail SPF and DKIM and you > > should not receive a copy of the message in your inbox and your gateway > > that enforces DMARC should log or report the message was rejected. > > > > > > > > Here’s a site that specifies how to use command line to spoof email > > > > https://dougvitale.wordpress.com/2011/12/31/send-spoofed-emails-with-telnet/ > > > > > > > > > > > > If you are not comfortable with command line there are online tools to > > spoof email. I’ve never used them so am hesitant to recommend… I’ve > > included two below from quick internet searches – but I cannot tell you how > > well they work. They are top 5 search engine results so I assume they are > > safe and reliable enough. Use at your own risk though if you aren’t > > comfortable with the command line. > > > > https://emkei.cz/ > > > > > > > > https://www.spoofbox.com/en/app/spoof-email > > > > > > > > pat > > > > > > > > From: dmarc-discuss <dmarc-discuss-boun...@dmarc.org> on behalf of > > "dmarc-discuss@dmarc.org" <dmarc-discuss@dmarc.org> > > Reply-To: Gerben Wierda <gerben.wie...@rna.nl> > > Date: Tuesday, January 7, 2020 at 1:20 PM > > To: Ken O'Driscoll <k...@wemonitoremail.com> > > Cc: "dmarc-discuss@dmarc.org" <dmarc-discuss@dmarc.org> > > Subject: Re: [dmarc-discuss] Testing DMARC > > > > > > > > Certainly, for received mail I can even just look in the headers. I am > > using rspamd as part of the mail setup, so maybe I can do something with > > rspamd logging. > > > > > > > > But the question is about reliably triggering a test where the mail server > > must reject. So reliably triggering so I can look at the logs to see what > > happens. > > > > > > > > E.g. a service that sends me a mail message but purposely from an IP that > > is not in the SPF record and/or a DKIM signature that is wrong and/or a > > DMARC situation where spf and skim do not match up. Something spammers > > would do. > > > > > > > > G > > > > > > > > On 7 Jan 2020, at 19:15, Ken O'Driscoll via dmarc-discuss > > <dmarc-discuss@dmarc.org> wrote: > > > > > > > > On Tue, 2020-01-07 at 17:04 +0100, Gerben Wierda via dmarc-discuss wrote: > > > > But I would like to see if a message that comes from outside and that > > should be blocked because the owner of the domain has a policy p=reject. > > So, some sort of tester that is able to make me test how I react on > > incoming mail I should reject. Does something like that exist? > > > > > > Perhaps I misunderstand, but wouldn't your inbound email server logs tell > > you how DMARC is evaluated for inbound emails from domains which you do not > > control? > > > > Ken. > > > > _______________________________________________ > > dmarc-discuss mailing list > > dmarc-discuss@dmarc.org > > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > > > NOTE: Participating in this list means you agree to the DMARC Note Well > > terms (http://www.dmarc.org/note_well.html) > > > > > > > > _______________________________________________ > > dmarc-discuss mailing list > > dmarc-discuss@dmarc.org > > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > > > NOTE: Participating in this list means you agree to the DMARC Note Well > > terms (http://www.dmarc.org/note_well.html) > > > > -- > al iverson // wombatmail // chicago > http://www.aliverson.com > http://www.spamresource.com -- al iverson // wombatmail // chicago http://www.aliverson.com http://www.spamresource.com _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)