taquiones.net is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
After this week's Spring Break, we return in my #SysAdmin class to dive into #SMTP.
We start with an overview of the ecosystem consisting of MUAs, MTAs, MDAs, Access Agents, and tcpdump a simple manual SMTP session over telnet. We then talk about STARTTLS, MTA-STS and #DANE, before diving into #spam defenses, including #SPF, #DKIM, and #DMARC, all with practical examples, tracking lookups and traffic on the sender and receiver.
Video lectures here:
https://youtu.be/Ai8rjqelwsI?si=7_4JnfwHwvFDShx_
@patrickbenkoetter @lairsdragon @bsi I saw this thread because I follow the #DMARC hashtag. Message forwarding works fine as long as the original message is #DKIM signed and the forwarding service does not tamper with the email. #SPF never works with a forwarded message.
You are right that there are many other ways to impersonate an identity, like display name spoofing, but it does prevent from address spoofing. Good security awareness programs train users to look at the from address when checking for impersonation. There are also free DMARC solutions, like the open source software I wrote.
I wrote a detailed blog post about DMARC here: Demystifying DMARC: A guide to preventing email spoofing