Closed Bug 1690599 Opened 4 years ago Closed 4 years ago

DMARC Policy Not Enabled

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 1339102

People

(Reporter: aptsiaurivazha, Unassigned)

References

(
URL
)

Details

(Keywords: reporter-external, Whiteboard: [reporter-external] [web-bounty-form] [verif?])

aptsiaurivazha

Reporter

Description

•

4 years ago

Hello, i checked DMARC records of mozilla.org and "DMARC Policy Not Enabled"
so, it's easy for attacker to send email from name "support" or any name and Email: "support@mozilla.org" so, he can take over user account lets say victim knows the phishing attacks, but when he sees the email from the authorized domain. He gets tricked easily.

you can test it here: https://emkei.cz/

Flags: sec-bounty?

Greg G

Updated

•

4 years ago

Status: UNCONFIRMED → RESOLVED

Closed: 4 years ago

Resolution: --- → DUPLICATE

Greg G

Updated

•

4 years ago

Flags: sec-bounty? → sec-bounty-

Daniel Veditz [:dveditz]

Updated

•

10 months ago

Group: websites-security

Duplicate of bug: dmarc-everything
No longer duplicate of bug: 1632799

David Lawrence [:dkl]

Updated

•

9 months ago

Keywords: reporter-external

You need to log in before you can comment on or make changes to this bug.

Bugzilla

DMARC Policy Not Enabled

Categories

(Websites :: Other, task)

Tracking

(Not tracked)

People

(Reporter: aptsiaurivazha, Unassigned)

References

(
URL
)

Details

(Keywords: reporter-external, Whiteboard: [reporter-external] [web-bounty-form] [verif?])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated