What is Spoofing?

Email spoofing is sending an email as someone else in attempt to “phish” or trick someone into thinking the email is from someone it is not. There are a few different methods used;

Frequently Asked Questions... with answers!

What is emailSpoofTest.com and what is it used for?

EmailSpoofTest.com is the only safe, easy, and private email self-penetration testing platform with tools needed to test and validate the security of any email system.

The concept: is to send yourself phishing & fraud emails using all the possible ways hackers can fake email; to test if an email system will drop the fraud email or allow fraud email in. If you get any of the clearly marked test emails, there are instructions inside with hints on how to correct the configuration.

Why is there a need for emailSpoofTest.com?

1) We found that even the advanced and carefully configured email security systems have security controls that are misconfigured or the security controls do not work as intended.

2) Ransomware is initialized by email fraud. Stop ransomware at the door by protecting the inbox from fraud.

3) Penetration tests are complicated, expensive, and exposes flaws to a 3rd party. Most penetration tests do not include fraud email testing.

EmailSpoofTest.com empowers businesses to penetration test for email fraud themselves.

I didn't receive any email from emailSpoofTest.com, am I safe?

No, the best way to know you are protected is to have your system validated by our team.

Disclaimer: By using this site you are not safer, nor proving you are safe from anything in any way. This is simply a test tool to help you figure out how exposed (not safe) you might be. Sometimes the emails can take a few minutes to get delivered but typically our emails are delivered within 10 minutes. If its slow, its probably you, not us. Our end of the operation is very fast and simple. If this site stops working correctly please let us know If you did not receive any of our emails, this is not an indicator that you are protected. Check SPAM and other protection mechanisms. 

If you received one of our test emails then your systems are very likely vulnerable If you received one of these emails in your SPAM your systems are very likely vulnerable.

What are you doing with my email address?

You will not get spam sourced from us! This site does not sell your email to ad firms that will annoy you later. We don't store it in a database, we just help you test. We run analytics on site traffic and the number of emails tests. We are interested in how valuable the tool is and how we can make it better for you.

If you find this site useful help us out!

The best way to help is to tell your friends and colleagues on social media. Show people how to use this site. Or use the site as a tool in your own consulting practice. Another way to help is feedback! Tell us how to be better.

Finally, a great way to help is to test often. We see you out there and we appreciate you!

Diagnostic Test Email Definitions E1-E10

Email E1 One valid email from emailSpoofTest.com to make sure you get our emails (should be deliverd to inbox)

Email E2 One email from a disallowed subdomain of an allowed domain, emailSpoofTest.com (should be quarantined by your email servers)

DNS settings for emailSpoofTest.com:

DMARC = Quarantine | Relaxed SPF | Relaxed DKIM | Reject subdomains
[v=DMARC1; p=quarantine; rua=mailto:emailspooftest@ignitecyber.co; ruf=mailto:emailspooftest@ignitecyber.co; fo=1:d:s; adkim=r; aspf=s; sp=reject]

SPF = Allow included URLs, deny others [v=spf1 include:spf.websitewelcome.com include:spf2.websitewelcome.com include:amazonses.com include:secureserver.net -all]

DKIM = email not signed [selector = a1, v=DKIM1; k=rsa; p=ZW1...]

Email E3 One email from a badDMARC.com where the policy is to strictly reject all email (should be rejected by your email servers)

Email E4 One email from a subdomain, verybad.badDMARC.com where the domain policy is set to reject all email (should be rejected by your email servers)

DNS settings for badDMARC:

DMARC = Reject | Strict SPF | Strict DKIM | Reject subdomains
[v=DMARC1; p=reject; rua=mailto:baddmarc@ignitecyber.co; ruf=mailto:baddmarc@ignitecyber.co; fo=1:d:s; adkim=s; aspf=s; sp=reject]
SPF = Deny all senders [v=spf1 -all]
DKIM = email not signed [selector = default, v=DKIM1; k=rsa; p=MIIB...]

Email E5 One email from badDKIM.com where the policy is to reject email without a DKIM signature (should be rejected by your email servers)

Email E6 One email from a subdomain of badDKIM.com where the policy is to require DKIM and reject subdomains (should be rejected by your email servers)

DNS Settings for badDKIM.com

DMARC = Reject | Relaxed SPF | Strict DKIM | Reject subdomains
[v=DMARC1; p=reject; rua=mailto:badDKIM@ignitecyber.co; ruf=mailto:badDKIM@ignitecyber.co; fo=1:d:s; adkim=s; aspf=r; sp=reject]
SPF = Deny all senders [v=spf1 -all]
DKIM = email not signed [selector = default, v=DKIM1; k=rsa; p=MIIB...]

Email E7 One email from badSPF.com that rejects all email but has no DMARC policy defined (should be rejected by your email servers)

Email E8 One email from a subdomain of badSPF.com that rejects all email but has no DMARC policy defined (should be rejected by your email servers)

DNS Settings for badSPF.com

DMARC = Not configured (Neutral)

SPF = Reject all [v=spf1 -all]

DKIM = email not signed (Selector = default) [selector = default, v=DKIM1; k=rsa; p=MIIB...]

Email E9 One email from your sending email address (should be rejected by your email servers and your DMARC monitoring should raise an alert). This tests spoofing internal mail from the outside. It sends a mail from you to you but from our servers. If internal authentication is properly set this email should not get to your inbox. 

Email E10 One email from a domain that does not exist (should not deliver to inbox). This test is sent from a non-existing domain "garbageRANDOMNUMBERf.com". If this email gets to your inbox or junkmail your email system accepts email from nonexisting domains.