On 20201008, at 17:49, Maxim Samo maxim@swill.org wrote:
Last time I looked ubs.com does use DKIM, SPF, and DMARC.
Easy to look:
There is SPF:
$ dig +short ubs.com txt|grep v=spf "v=spf1 include:spf-a.ubs.com include:spf-hosted.ubs.com include:spf.protection.outlook.com -all"
There is definitely DKIM (grabbed from random message):
8<------- Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ubs.com; h=date :date:content-transfer-encoding:content-type:content-type :mime-version:subject:subject:message-id:from:from:received :received:received:received:received:received; s=srsa2048; t= 1601855040; bh=.... Return-Path: noreply-alerting@ubs.com ------->8
And finally DMARC:
$ dig +short _dmarc.ubs.com txt "v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc-reports-57574806756964364169@open.ch,mailto:dmarc-reports@ubs.com; ruf=mailto:dmarc-forensics@ubs.com; rf=iodef; pct=100; ri=86400"
Seems the fine folks at open.ch have a hand in it ;)
If they did not.... then they would not be able to deliver their mail. And fortunately marketing folks win it over security folks (who can't get other things fixed), thus it get implemented.
Greets, Jeroen