Hi Team

A DMARC record is the DNS record in which a domain's DMARC policy is published. It tells receiving mail providers (Gmail, Microsoft, Yahoo, etc.) that the domain uses DMARC and what to do with mail that fails SPF/DKIM alignment. The record is a TXT record named "_dmarc.yourdomain.com.", where "yourdomain.com" is replaced with your actual domain name (or subdomain).

After DMARC has been implemented, it allows you to:

Monitor, detect, and fix real-world problems with your email delivery
See which sources send mail as your domain, in what volume, and whether that mail passes authentication (from the aggregate reports)
Identify threat emails pretending to come from your domain (i.e., spoofing/phishing)
Control the delivery of your email and defend against spoofing attacks.

Steps To Reproduce:

1) Checking for a missing DMARC record:-
There are various ways to check whether a domain publishes a DMARC record, but
the most common and popular one is mxtoolbox.com.
Steps to check the DMARC record of a domain:-
Go to https://mxtoolbox.com
Enter the target, e.g. sparta.eu (do not add https://, http:// or www)
Select the DMARC Lookup (the plain MX lookup only lists the mail exchangers; the DMARC record lives at _dmarc.<domain>)

OR you can simply open this link => https://mxtoolbox.com/SuperTool.aspx?action=mx%3asparta.eu&run=toolpage

The same check from a terminal: dig +short TXT _dmarc.sparta.eu (an empty answer means no record is published).

If a DMARC record is present, the domain is not vulnerable to this report. It is still vulnerable if the record's policy is "p=none", because p=none only asks receivers to report failing mail, not to quarantine or reject it.

2) Attack Scenario & PoC:-
When a domain has no DMARC record, an attacker can spoof its addresses with any fake
mailer such as Emkei.cz. The attacker can send email with the display name "Support" and
the address "support@target.com" and, with a social engineering pretext, take over the
user's account. Even a victim who knows about phishing is easily tricked when the
email appears to come from the organisation's own domain.

Exploit (fields entered in the fake mailer):
Name: Hacked
Email: security@sparta.eu
To: your email address
etc.

3) The mail is delivered from security@sparta.eu straight to your inbox, not
to spam.
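To make clear why the spoofed message above is accepted, the following added example (not code from Emkei.cz, MXToolbox or sparta.eu) builds the PoC message with Python's email library and applies the receiver-side DMARC decision to it: a message passes only if the domain that passed SPF (the envelope MAIL FROM) or DKIM (the d= tag) aligns with the header From: domain, and the p= policy decides what happens otherwise. The victim address, the attacker's envelope domain attacker.example, the subject line and the SPF/DKIM results are constructed; only security@sparta.eu, the display name "Hacked" and the policy values come from the report. Organizational-domain matching is simplified to the last two labels, which is enough for the names used here.

```python
"""Receiver-side DMARC evaluation of the spoofed message from this PoC.

Added example for this report; it is not code from Emkei.cz, MXToolbox or
sparta.eu. The victim address, the attacker's envelope domain
(attacker.example), the subject and the SPF/DKIM results are constructed.
Only security@sparta.eu, the display name "Hacked" and the DMARC policies
come from the report.
"""
from email.message import EmailMessage
from email.utils import parseaddr
from typing import Optional

POLICIES = ("none", "quarantine", "reject")


def build_spoofed_message() -> EmailMessage:
    """The message a fake mailer sends: the header From: shows the target
    domain, but the SMTP envelope and the sending host belong to the attacker."""
    msg = EmailMessage()
    msg["From"] = "Hacked <security@sparta.eu>"          # Name/Email fields from the PoC
    msg["To"] = "victim@example.com"                      # constructed victim address
    msg["Subject"] = "Your account has been compromised"  # constructed pretext
    msg.set_content("Log in within 24 hours to secure your account.")
    return msg


def org_domain(domain: str) -> str:
    """Organizational domain, simplified to the last two labels.
    Real receivers consult the Public Suffix List (RFC 7489 section 3.2);
    two labels are enough for the .eu/.com/.example names used here."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: Optional[str], from_domain: str, mode: str) -> bool:
    """DMARC identifier alignment: the domain that passed SPF (MAIL FROM) or
    DKIM (d=) must equal the header From: domain in strict mode ("s") or share
    its organizational domain in relaxed mode ("r", the default)."""
    if not auth_domain:
        return False
    if mode == "s":
        return auth_domain.lower().rstrip(".") == from_domain.lower().rstrip(".")
    return org_domain(auth_domain) == org_domain(from_domain)


def dmarc_disposition(msg: EmailMessage, policy: Optional[str],
                      spf_pass_domain: Optional[str] = None,
                      dkim_pass_domain: Optional[str] = None,
                      aspf: str = "r", adkim: str = "r") -> str:
    """Return "deliver", "quarantine" or "reject" for one message.

    policy is None when _dmarc.<from-domain> publishes nothing, otherwise the
    p= value. spf_pass_domain is the MAIL FROM domain if SPF passed (None if
    it did not); dkim_pass_domain is the d= of a valid DKIM signature, if any.
    """
    _, addr = parseaddr(str(msg["From"]))
    from_domain = addr.rpartition("@")[2]
    if policy is None:
        return "deliver"   # no policy at all: receiver falls back to its own spam heuristics
    if policy not in POLICIES:
        raise ValueError(f"unknown policy {policy!r}")
    if aligned(spf_pass_domain, from_domain, aspf) or aligned(dkim_pass_domain, from_domain, adkim):
        return "deliver"   # DMARC pass: at least one aligned, authenticated identifier
    return {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy]


if __name__ == "__main__":
    msg = build_spoofed_message()
    # The fake mailer's host passes SPF, but for attacker.example, not for
    # sparta.eu, and it cannot DKIM-sign for sparta.eu: no aligned identifier.
    for policy in (None, "none", "quarantine", "reject"):
        verdict = dmarc_disposition(msg, policy, spf_pass_domain="attacker.example")
        print(f"spoofed mail, policy {str(policy):10}: {verdict}")
    # The same From: header sent through a real sparta.eu relay passes under
    # relaxed alignment; with aspf=s a subdomain relay would be rejected.
    print("via mail.sparta.eu, aspf=r:", dmarc_disposition(msg, "reject", spf_pass_domain="mail.sparta.eu"))
    print("via mail.sparta.eu, aspf=s:", dmarc_disposition(msg, "reject", spf_pass_domain="mail.sparta.eu", aspf="s"))
```

The last two lines of the demo show the caveat that matters when tightening the record: strict alignment (aspf=s / adkim=s) also rejects legitimate mail relayed from a subdomain, so check the aggregate reports before switching to it.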

Solution
Once SPF and DKIM are in place, configure DMARC by adding a policy to your domain's DNS in the form of a TXT record (just like with SPF or DKIM).

The TXT record name should be _dmarc.yourdomain.com, where yourdomain.com is replaced with your actual domain name (or subdomain), and the policy should be set to p=reject. For a domain that has never published DMARC, first publish p=none with a rua= reporting address, confirm from the aggregate reports that every legitimate sender passes SPF or DKIM with an aligned domain, then move to p=quarantine and finally p=reject; going straight to p=reject without that check can block the domain's own mail.
For more details visit:
https://www.dmarcanalyzer.com/how-to-create-a-dmarc-record
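To verify the record programmatically instead of through MXToolbox, and to see why a p=none record (step 1 above) and the p=reject record recommended here score differently, the following added example (not MXToolbox's or sparta.eu's code) parses the TXT answers found at _dmarc.<domain> per RFC 7489 and classifies them. The DNS lookup itself is left out so the script runs offline: pass it the strings returned by dig +short TXT _dmarc.sparta.eu. All sample records, including the rua= mailbox, are constructed; only the domain name sparta.eu comes from the report. It also handles the cases a quick visual check misses: two DMARC records (receivers discard both), a record whose v= tag is not first, pct below 100 and sp=none.

```python
"""Assess a domain's DMARC posture from the TXT answers at _dmarc.<domain>.

Added example for this report; it is not MXToolbox's or sparta.eu's code.
The DNS lookup is left out so the script runs offline: pass it the TXT
strings returned for _dmarc.<domain> (for example from
`dig +short TXT _dmarc.sparta.eu`). All sample records and the rua= mailbox
are constructed; only the domain name sparta.eu comes from the report.
"""
from dataclasses import dataclass, field
from typing import List, Tuple

VALID_POLICIES = ("none", "quarantine", "reject")


@dataclass
class DmarcRecord:
    policy: str                 # p=  : what receivers do with failing mail
    subdomain_policy: str       # sp= : the same for subdomains (defaults to p)
    pct: int                    # pct=: share of failing mail the policy applies to
    rua: List[str] = field(default_factory=list)   # aggregate report URIs
    ruf: List[str] = field(default_factory=list)   # forensic report URIs
    adkim: str = "r"            # DKIM alignment: r(elaxed) or s(trict)
    aspf: str = "r"             # SPF alignment


def parse_dmarc(txt: str) -> DmarcRecord:
    """Parse one DMARC TXT value (RFC 7489 section 6.3); raise ValueError if invalid."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or parts[0].replace(" ", "").lower() != "v=dmarc1":
        raise ValueError("v=DMARC1 must be the first tag")
    tags = {}
    for part in parts:
        if "=" not in part:
            raise ValueError(f"malformed tag {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        raise ValueError("missing or invalid p= tag")
    sub_policy = tags.get("sp", policy).lower()
    if sub_policy not in VALID_POLICIES:
        raise ValueError("invalid sp= tag")
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        raise ValueError("pct= must be an integer") from None
    if not 0 <= pct <= 100:
        raise ValueError("pct= must be between 0 and 100")

    def uris(key: str) -> List[str]:
        return [u.strip() for u in tags.get(key, "").split(",") if u.strip()]

    return DmarcRecord(policy, sub_policy, pct, uris("rua"), uris("ruf"),
                       tags.get("adkim", "r").lower(), tags.get("aspf", "r").lower())


def assess(txt_answers: List[str]) -> Tuple[str, str]:
    """Classify the TXT answers at _dmarc.<domain>.

    Returns (verdict, reason); verdict is one of "missing", "invalid",
    "monitor-only", "partial" or "enforcing". Only "enforcing" stops the
    spoofing described in this report at receivers that honour DMARC.
    """
    candidates = [r for r in txt_answers if r.strip().lower().startswith("v=dmarc1")]
    if not candidates:
        return "missing", "no TXT record starting with v=DMARC1 at _dmarc.<domain>"
    if len(candidates) > 1:
        # RFC 7489 section 6.6.3: more than one record means no usable policy
        return "invalid", "multiple DMARC records; receivers discard all of them"
    try:
        rec = parse_dmarc(candidates[0])
    except ValueError as err:
        return "invalid", str(err)
    if rec.policy == "none":
        return "monitor-only", "p=none: failing mail is still delivered, only reported"
    if rec.pct < 100:
        return "partial", f"pct={rec.pct}: policy applies to only {rec.pct}% of failing mail"
    if rec.subdomain_policy == "none":
        return "partial", "sp=none: mail from subdomains remains spoofable"
    note = "" if rec.rua else " (no rua=, so failures are never reported)"
    return "enforcing", f"p={rec.policy} applies to all failing mail" + note


# Constructed TXT answers; sparta.eu is modelled as reported (no record at all).
SAMPLES = {
    "sparta.eu as reported": [],
    "monitor only": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
    "half enforced": ["v=DMARC1; p=reject; pct=50; rua=mailto:dmarc@example.com"],
    "two records": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
    "v tag not first": ["p=reject; v=DMARC1"],
    "recommended fix": ["v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc@example.com"],
}

if __name__ == "__main__":
    for name, answers in SAMPLES.items():
        verdict, reason = assess(answers)
        print(f"{name:22} -> {verdict:12} {reason}")
```

The "v tag not first" sample is reported as missing rather than invalid on purpose: receivers discard any TXT record at _dmarc that does not begin with v=DMARC1, so a mistyped record protects nothing.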
Impact

An attacker can send mail as the official address security@sparta.eu for a phishing attack. Because the address belongs to sparta.eu's own domain and the mail lands in the inbox, users will trust it and be tricked.

Thanks