Skip Navigation

Privacy @lemmy.world

Der_Fossyler @feddit.org

1d ago

Google Spoofed Via DKIM Replay Attack | EasyDMARC

Google Spoofed Via DKIM Replay Attack: A Technical Breakdown

Privacy @lemmy.dbzer0.com

cm0002 @lemmy.world

23h ago

Google Spoofed Via DKIM Replay Attack | EasyDMARC

easydmarc.com /blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/

Privacy @lemmy.ml

Der_Fossyler @feddit.org

1d ago

Google Spoofed Via DKIM Replay Attack | EasyDMARC

easydmarc.com /blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/

Hacker News @lemmy.bestiver.se

RSS Bot @lemmy.bestiver.se

2d ago

Google spoofed via DKIM replay attack: A technical breakdown

easydmarc.com /blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/

3 comments

Even if they could reuse a DKIM hash on an email (pretty sure this is unique per email and would fail on a legitimate check), SPF would show its obviously not from Google. So just make sure your email server correctly handles DKIM verification and blocks SPF hard fails, and you're probably good against this.
I stopped reading when I realised the publisher is a company that sells a product that fixes the supposed problem.
Maybe this is a thing, maybe it isn't, but I don't have the resources to go on reading and analyze it.
it would be nice if people didn't use AI to write their articles.