Describe the issue or problem
We got an email from an “ethical hacker” with this content:
##################################
Hello Team,
I am an ethical hacker, bug bounty hunter and security researcher, I identify bugs in websites and provide vulnerability assessment of the identified issues.
I have found an email spoofing issue in your website which can allow anyone to send emails from “diegesis@uni-wuppertal.de” to any other users. Please find the details of the bug below.
I am hoping to receive a bug bounty reward for the responsible disclosure of this issue and hope to report further bugs once this is pursued and remediated.
Vulnerability: DMARC Quarantine/Reject policy not enabled
I was able to send a forged email to my email address that appears to originate from “diegesis@uni-wuppertal.de”. I was able to do this because of the following DMARC record:
Fix:
1) Enable DMARC Quarantine/Reject policy
2) Your DMARC record should look like
"v=DMARC1; p=reject; pct=100; ri=86400; rua=mailto:info@domain.com"
#################################
Is it a joke, phishing or something? Or is it a real warning?
Thanks for any information and help.
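One way to check the claim yourself rather than take the sender's word for it: fetch the domain's DMARC record (it is the TXT record at `_dmarc.<domain>`, so `dig +short TXT _dmarc.uni-wuppertal.de`) and read off what the `p=` tag actually asks receivers to do. The script below is an added example written for this thread, not code from the original post or from the sender. The records it evaluates are constructed samples; `assess()` returns a short classification you can apply to the real record once you have pasted it in.

```python
"""Check what a DMARC record actually tells receiving mail servers to do.

Added example for this thread (not code from the original post). The
records below are constructed for illustration; the real record for a
domain lives in the TXT record of _dmarc.<domain>, e.g.
    dig +short TXT _dmarc.uni-wuppertal.de
and can be pasted into assess().
"""
from typing import Dict, Optional

# Default for the pct tag per RFC 7489 section 6.3.
DEFAULT_PCT = 100


def parse_dmarc(txt: str) -> Optional[Dict[str, str]]:
    """Split a 'tag=value; tag=value' record into a dict.

    Returns None when the text is not a DMARC record at all (the first tag
    must be v=DMARC1) or when a tag has no '=' value.
    """
    tags: Dict[str, str] = {}
    first = True
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            return None
        key, value = (s.strip() for s in part.split("=", 1))
        key = key.lower()
        if first:
            if key != "v" or value.upper() != "DMARC1":
                return None
            first = False
        tags[key] = value
    return tags if not first else None


def assess(txt: Optional[str]) -> str:
    """Classify the policy a receiver would apply to mail failing DMARC.

    missing   - no record published: receivers do nothing on DMARC failure
    invalid   - text is not a usable DMARC record (treated like missing)
    monitor   - p=none: reports only, spoofed mail is still delivered
    partial   - quarantine/reject but pct<100: only a sample is enforced
    enforced  - p=quarantine or p=reject applied to all mail
    """
    if txt is None:
        return "missing"
    tags = parse_dmarc(txt)
    if tags is None or "p" not in tags:
        return "invalid"
    policy = tags["p"].lower()
    if policy == "none":
        return "monitor"
    if policy not in ("quarantine", "reject"):
        return "invalid"
    try:
        pct = int(tags.get("pct", str(DEFAULT_PCT)))
    except ValueError:
        return "invalid"
    return "enforced" if pct >= 100 else "partial"


def subdomain_policy(txt: str) -> Optional[str]:
    """Policy for subdomains: sp= if present, otherwise it inherits p=."""
    tags = parse_dmarc(txt)
    if tags is None or "p" not in tags:
        return None
    return tags.get("sp", tags["p"]).lower()


if __name__ == "__main__":
    # Constructed sample records, not real DNS data.
    samples = {
        "no record": None,
        "monitor only": "v=DMARC1; p=none; rua=mailto:dmarc@example.org",
        "record suggested in the mail": "v=DMARC1; p=reject; pct=100; ri=86400; rua=mailto:info@domain.com",
        "sampled quarantine": "v=DMARC1; p=quarantine; pct=20; rua=mailto:dmarc@example.org",
        "wrong record type": "v=spf1 include:_spf.example.org -all",
    }
    for label, record in samples.items():
        print(f"{label:30} -> {assess(record)}")
```

Two things worth knowing when reading the result. `pct=100` and `ri=86400` in the record the sender proposes are already the RFC 7489 defaults, so the only part of that suggestion that changes anything is `p=reject`. And a DMARC policy only governs mail whose header From uses the exact domain (plus subdomains via `sp=`); it does nothing against lookalike domains or a forged display name, so even an enforced record does not make the "anyone can send emails from this address" claim impossible for every reader's mail client.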