Hello Patrick,

 

This email is about security issue #4 reported yesterday on security@sparta.eu. It does not seem to be a critical security issue, but it would be better to have DKIM and DMARC records on the sparta.eu domain and subdomains (SPF is dealt with in security issue #6 to follow). Could you please have a look at this?

 

Best regards,

-- 

  Thibaud Antignac

  CEA List

 

 

From: security <security-bounces@server.sparta.eu> on behalf of Sakshi Patil <sakshipatil017@gmail.com>
Date: Sunday 22 November 2020 at 15:43
To: "security@sparta.eu" <security@sparta.eu>
Subject: [security] (Bug Report)DMARC RECORD MISSING.

 

Vulnerability Name: DMARC RECORD MISSING

 

Vulnerable URL: https://www.sparta.eu/

HOW TO REPRODUCE (POC ATTACHED):

1. GO TO https://mxtoolbox.com/

2. ENTER THE WEBSITE (sparta.eu). CLICK GO.

3. YOU WILL SEE THE FAULT (No DMARC Record found).

4. In the new page that loads change MXLookup to DMARCLookup.

Extra information
Impact:
Spammers can forge the "From" address on email messages to make messages appear to come from someone in your domain.
If spammers use your domain to send spam or junk email, your domain quality is negatively affected.
People who get the forged emails can mark them as spam or junk, which can impact authentic messages sent from your domain.

 

Attachment:
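
Added example, not part of the original e-mail thread or its attachment: a Python sketch of what a DMARC lookup such as the one in the report evaluates, applied to the TXT strings published at `_dmarc.<domain>`. The function names, status labels and all sample records (on `example.org`) are constructed for illustration, and the DNS query itself is left out so the code runs offline.

```python
# Added example: assess the TXT answers found at _dmarc.<domain> (RFC 7489).
# Function names and status labels are hypothetical; sample records are constructed.
VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Return a tag->value dict for one TXT string, or None if it is not DMARC."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    # The v=DMARC1 tag must come first, otherwise receivers ignore the record.
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in parts:
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip().lower()] = value.strip()
    return tags

def assess_dmarc(txt_records):
    """Return (status, detail) for the list of TXT strings at _dmarc.<domain>."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if not records:
        return ("missing", "no DMARC record found")
    if len(records) > 1:
        return ("invalid", "multiple DMARC records; receivers apply none of them")
    rec = records[0]
    policy = rec.get("p", "").lower()
    if policy not in VALID_POLICIES:
        if not rec.get("rua"):
            return ("invalid", "p= tag missing or unrecognised")
        policy = "none"  # RFC 7489 6.6.3: with rua present, treat as p=none
    if policy == "none":
        return ("monitor-only", "p=none: reports only, failing mail is still delivered")
    pct = rec.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        return ("partial", f"p={policy} applied to {pct}% of failing mail")
    return ("enforcing", f"p={policy}")

if __name__ == "__main__":
    samples = {  # constructed TXT answers, not real DNS data
        "no record": [],
        "only SPF": ["v=spf1 -all"],
        "monitoring": ["v=DMARC1; p=none; rua=mailto:dmarc@example.org"],
        "ramp-up": ["v=DMARC1; p=quarantine; pct=25"],
        "enforced": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.org"],
    }
    for label, txt in samples.items():
        print(f"{label:12} -> {assess_dmarc(txt)}")
```

A record with `p=none` clears the "No DMARC Record found" result but does not by itself stop the forged-From messages described under Impact; that requires `quarantine` or `reject`.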