Hello Team,

I am a security researcher and I found this vulnerability.

I just sent a forged email to my email address that appears to originate from mailman@lists.frrouting.org. I was able to do this because of the following DMARC record:

DMARC record lookup and validation for: lists.frrouting.org
"No DMARC Record found"

How To Reproduce (POC - ATTACHED IMAGE):

1. Go to mxtoolbox.com/DMARC.aspx
2. Enter the website. Click Go.
3. You will see the fault (DMARC Quarantine/Reject policy not enabled).

Fix:

1) Publish DMARC record.
2) Enable DMARC Quarantine/Reject policy.
3) Your DMARC record should look like "v=DMARC1; p=reject; sp=none; pct=100; ri=86400; rua=mailto:info@domain.com"

For more information you can use this blog (https://sendgrid.com/blog/what-is-dmarc/).

    <?php
    $to = "VICTIM@example.com";
    $subject = "Password Change";
    $txt = "Change your password by visiting here - [VIRUS LINK HERE]";
    $headers = "From:mailman@lists.frrouting.org ";
    mail($to,$subject,$txt,$headers);
    ?>

Reference: https://www.knownhost.com/wiki/email/troubleshooting/setting-up_spf-dkim-dma...

Let me know if you need me to send another forged email, or if you have any other questions.

Hoping for the bounty for my ethical disclosure.

Best Regards
Security Researcher
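An added example, not part of the original message: a sketch of how a receiver resolves the DMARC policy for a From domain, showing that the record text suggested above (with `sp=none`) leaves a subdomain such as a list host unenforced if it is published only at the parent domain. The zone `example.org`, the `SAMPLE_TXT` dictionary and the function names are constructed for illustration, and the organizational domain is passed in rather than derived from the Public Suffix List.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}

# Constructed sample zone (not live DNS data). The record text is the one
# recommended in the report, published only at the organizational domain.
SAMPLE_TXT = {
    "_dmarc.example.org": "v=DMARC1; p=reject; sp=none; pct=100; ri=86400; "
                          "rua=mailto:info@domain.com",
}


def parse_dmarc(txt):
    """Return the record's tags as a dict, or None if it is not a usable DMARC record."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    # RFC 7489: the version tag must come first and be exactly v=DMARC1.
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in parts:
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("p", "").lower() not in VALID_POLICIES:
        return None
    return tags


def effective_policy(from_domain, org_domain, txt_records):
    """Policy a receiver applies to mail with this From domain.

    org_domain is passed in (assumption): real receivers derive it from the
    Public Suffix List. Returns (policy, pct, record_name); all three are
    None if no usable record exists at either name.
    """
    name = "_dmarc." + from_domain
    rec = parse_dmarc(txt_records.get(name, ""))
    tag = "p"
    if rec is None and from_domain != org_domain:
        # Fall back to the organizational domain; its sp tag, when present,
        # is the policy for subdomains, otherwise p applies.
        name = "_dmarc." + org_domain
        rec = parse_dmarc(txt_records.get(name, ""))
        tag = "sp" if rec and "sp" in rec else "p"
    if rec is None:
        return (None, None, None)
    return (rec[tag].lower(), int(rec.get("pct", "100")), name)
```

Publishing the record at `_dmarc.<list host>` itself, or dropping `sp=none` from the parent record, makes the effective policy for the list host `reject`.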