SMTP Spoofing on TWiET

December 17, 2013

Last night I was a guest on This Week in Enterprise Tech. This time, we opted to focus on core material and talk about SMTP. Phishing is a concept most are comfortable with. In this episode, rather than paint the doom and gloom picture, we focused on SPF, DKIM, and DMARC standards. Our goal–clarify what these standards are, what they do for you, and how they force an attacker to change their approach.

Here’s the episode:

The SMTP portion of this episode came from the Email Delivery – What Penetration Testers Should Know blog post. If you’d like to see more on this same topic. Check out Tradecraft, lectures 4 and 8.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s