Class 4 Lab 3 ‐ Email Spoofing - Justin-Boyd/CIT-Class GitHub Wiki

Task 1: Check for SPF Records

Step 1

Start your Windows 10 machine, search for CMD, and open it.

Step 2

Use the command nslookup to initiate the DNS query tool.

Step 3

Type the command set q=txt to query text records.

Step 4

Type seriouseats.comto query it. Note that it has a published SPF record containing a list of permitted senders. That means all addresses in the list can send emails on behalf of that domain.

Step 5

Now repeat the same process for Clutchburger.com. Can an SPF record be found?

Step 6

Browse to https://mxtoolbox.com/SuperTool.aspx

Step 7

Type seriouseats.com and select SPF Record Lookup from the dropdown menu

Step 8

Click SPF Record Lookup and note that the result indicated an existing SPF record.

Step 9

Now utilize the same tool to run a search on Clutchburger.com.

Task 2: Create a Gmail Account

Step 1

Browse to https://www.google.com/gmail/about/ and click Create an account.

Step 2

Fill in the required information and click Next.

Step 3

Enter your phone number to receive a verification code.

Step 4

Enter the verification code and click Verify.

Step 5

Fill in the required information and click Next.

Step 6

Click I agree to accept the privacy and terms policy.

Step 7

Your new email is now active.

Task 3: Send a Spoofed Email

Step 1

Browse to http://anonymailer.net/
Note: If it is down, try the other links provided.

Step 2

Use the fake emailer to send an email message on behalf of Seriouseats.com to your email, as follows:
- From name: write any name
- From E-mail: @seriouseats.com
- To: your email address
- Subject: write any subject
- Text: write any text

Step 3

Use the fake emailer to send an email message on behalf of Clutchburger.com to your email, as follows:
- From name: write any name
- From E-mail: @ClutchBurger.com
- To: your email address
- Subject: write any subject
- Text: write any text

Step 4

Open the spam box in your email by clicking More in the menu on the left and then Spam.

Step 5

Open the message received from Clutchburger.com.

Task 4: Email Header Examination

Step 1

While inspecting the received email, click the icon with three dots and click Show original.

Step 2

Note the error message in the header informing that the sender is not permitted for that domain.

Step 3

Identify the sender’s IP address from the header content and copy it.

Step 4

Browse to https://mxtoolbox.com/SuperTool.aspx and paste the IP address in the text field.

Step 5

Select Reverse Lookup from the dropdown menu and click Lookup.

Step 6

Note that the result specifies the origin of the email.

⚠️ GitHub.com Fallback ⚠️