- cross-posted to:
- tech@links.roobre.es
- cross-posted to:
- tech@links.roobre.es
Email is an open system, right? Anyone can send a message to anyone… unless they are on Gmail! School Interviews uses two email servers t…
Email is an open system, right? Anyone can send a message to anyone… unless they are on Gmail! School Interviews uses two email servers t…
How does one send a spam email that passes SPF and DKIM if one doesn’t have access to the DKIM private key, or the DNS server to edit the SPF or DKIM records?
You can’t… But you can register a domain and set up your own DKIM key and DNS records and then use it to send spam (until you get blacklisted, anyway). There’s a cost to doing that, though, so it’s less appealing.
I always just assumed spammers could make a DKIM private key and access a DNS server as easily as any of the rest of us.
Spammers were the first to adopt SPF, DKIM, and DMARC for their operations when they were first introduced. Monitoring a couple of “online mass marketing” forums was where a lot of us learned how to set it up ourselves, because spammers’ howtos were better than the documentation for any of those measures.