SMTP Spoofing on TWiET

Last night I was a guest on This Week in Enterprise Tech. This time, we opted to focus on core material and talk about SMTP. Phishing is a concept most are comfortable with. In this episode, rather than paint the doom and gloom picture, we focused on SPF, DKIM, and DMARC standards. Our goal–clarify what these standards are, what they do for you, and how they force an attacker to change their approach.

Here’s the episode:

The SMTP portion of this episode came from the Email Delivery – What Penetration Testers Should Know blog post. If you’d like to see more on this same topic. Check out Tradecraft, lectures 4 and 8.