Safeguarding Your Domain from Spam & Spoofing

Spam is something we all deal with. However, if you own the domain from which spam emails appear to originate, the consequences can be severe. Email spoofing is real, and every domain owner should take steps to ensure their domain is not exploited by spammers and scammers.

For business owners, it is crucial to implement basic security measures to prevent domain and email spoofing. Ensuring proper email authentication protocols are in place can help protect both your brand and your customers from malicious attacks.

A good writeup is available at the following links:

https://www.zoho.com/mail/help/adminconsole/spf-configuration.html

https://www.zoho.com/mail/help/adminconsole/dkim-configuration.html

https://www.zoho.com/mail/help/adminconsole/dmarc-policy.html

DKIM (DomainKeys Identified Mail)

DKIM is an email authentication method designed to detect forged sender addresses in email messages. It allows an organization to sign its outgoing emails with a cryptographic signature, which receiving mail servers can verify using the sender’s public key published in the domain’s DNS records.

How DKIM Works

  1. Signing Emails: The sending mail server generates a unique DKIM signature using a private key and embeds it in the email’s header.
  2. Publishing the Public Key: The domain owner publishes the corresponding public key as a TXT record in the domain’s DNS.
  3. Verifying Emails: The recipient’s mail server retrieves the public key from DNS and validates the email’s DKIM signature. If the signature is valid, the email is considered authentic.
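
The receiver-side steps above can be sketched in code. This is an added example, not from the original post or from Zoho's documentation: it parses a DKIM-Signature value, derives the DNS name where the public key is published, and recomputes the body hash (bh=). It assumes a=rsa-sha256 and does not verify the b= signature itself, which needs the DNS lookup and an RSA library; the function names and the sample message are constructed.

```python
import base64
import hashlib
import re

def parse_tags(value: str) -> dict:
    """Split a DKIM tag=value list into a dict, removing folding whitespace."""
    tags = {}
    for part in value.split(";"):
        key, sep, val = part.partition("=")
        if sep:
            tags[key.strip()] = re.sub(r"\s+", "", val)
    return tags

def canonical_body(body: bytes, mode: str) -> bytes:
    """Body canonicalization as defined in RFC 6376, section 3.4."""
    if mode == "relaxed":
        # Collapse runs of spaces/tabs, drop trailing whitespace and trailing empty lines.
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
        while lines and lines[-1] == b"":
            lines.pop()
        return b"".join(ln + b"\r\n" for ln in lines)
    while body.endswith(b"\r\n\r\n"):  # "simple": only drop extra trailing empty lines
        body = body[:-2]
    return body if body.endswith(b"\r\n") else body + b"\r\n"

def body_hash(body: bytes, mode: str = "relaxed") -> str:
    digest = hashlib.sha256(canonical_body(body, mode)).digest()
    return base64.b64encode(digest).decode()

def precheck(dkim_header: str, body: bytes) -> dict:
    """Return the DNS name holding the public key and whether bh= matches the body."""
    tags = parse_tags(dkim_header)
    _, _, body_mode = tags.get("c", "simple/simple").partition("/")
    return {
        "key_record": f"{tags['s']}._domainkey.{tags['d']}",
        "body_intact": body_hash(body, body_mode or "simple") == tags["bh"],
    }

# Constructed sample: body and header are made up; b= is a placeholder, not a real signature.
BODY = b"Invoice attached.  \r\nPay to account 1234.\r\n\r\n"
HEADER = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel1;\r\n"
          f" h=from:to:subject; bh={body_hash(BODY)}; b=PLACEHOLDER")

if __name__ == "__main__":
    print(precheck(HEADER, BODY))                                  # untouched body
    print(precheck(HEADER, BODY.replace(b"1234", b"9999")))        # modified in transit
```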

SPF (Sender Policy Framework)

SPF is an email authentication protocol that helps prevent email spoofing by specifying which mail servers are authorized to send emails on behalf of a domain. It works by allowing domain owners to publish a TXT record in their DNS settings, listing the mail servers permitted to send emails using their domain.

How SPF Works

  1. DNS Record Setup: The domain owner publishes an SPF TXT record in their DNS settings, specifying allowed mail servers.
  2. Email Transmission: When an email is sent, the recipient’s server queries the sender’s domain for the SPF record.
  3. Verification: The recipient’s server checks if the sending server’s IP address matches the authorized list in the SPF record.
  4. Pass or Fail Decision: If the email comes from an authorized server, it is accepted. Otherwise, it may be rejected or marked as spam.
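
The verification step can be made concrete with a small evaluator. This is an added example, not code from the original post: it handles only the ip4, ip6, include and all mechanisms, enforces the RFC 7208 limit of 10 DNS-querying terms, and uses a dictionary of constructed records in place of real DNS. All names and addresses are reserved example values.

```python
import ipaddress

RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_host(ip, domain, dns, budget=None):
    """Evaluate the SPF record of `domain` for the connecting `ip`.

    dns is a dict {domain: TXT record} standing in for real DNS lookups.
    """
    budget = budget if budget is not None else [10]  # RFC 7208 lookup limit
    terms = dns.get(domain, "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULT else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        mech = mech.lower()
        if mech == "all":
            return RESULT[qualifier]
        if mech in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            matched = addr.version == net.version and addr in net
        elif mech == "include":
            budget[0] -= 1
            if budget[0] < 0:
                return "permerror"          # too many DNS-querying terms
            inner = check_host(ip, arg, dns, budget)
            if inner in ("none", "permerror"):
                return "permerror"          # broken include breaks the whole record
            matched = inner == "pass"       # softfail/fail inside an include is "no match"
        else:
            # a, mx, exists, ptr and modifiers such as redirect= are not modelled here
            raise NotImplementedError(mech)
        if matched:
            return RESULT[qualifier]
    return "neutral"

# Constructed records for illustration only.
DNS = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all",
    "_spf.mailer.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all",
    "loop.example": "v=spf1 include:loop.example -all",
}

if __name__ == "__main__":
    for ip in ("192.0.2.55", "198.51.100.10", "2001:db8::1", "203.0.113.7"):
        print(ip, check_host(ip, "example.com", DNS))
```

Note that the unlisted address ends in fail, not softfail: the ~all inside the included record only means the include did not match, and the outer -all decides.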

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC is an email security protocol that builds upon SPF and DKIM to prevent email spoofing. It provides domain owners with visibility into email activity and enforces policies to reject or quarantine unauthorized emails.

How DMARC Works

  1. Email Authentication: DMARC relies on SPF and DKIM to authenticate emails. The recipient server checks whether the message passes SPF and/or carries a valid DKIM signature for the sender’s domain.
  2. Policy Enforcement: Based on the domain’s DMARC policy (none, quarantine, or reject), the receiving server determines how to handle unauthenticated emails:
    • p=none: The email is delivered normally, but reports are generated.
    • p=quarantine: Suspicious emails are sent to the spam folder.
    • p=reject: Unauthenticated emails are rejected outright.
  3. Reporting Mechanism: DMARC provides reports (rua for aggregate reports, ruf for forensic reports) to help domain owners monitor email authentication activity and detect unauthorized usage.

Developer productivity tools for iPad

I have tried doing development on my iPad and I found some tools which I liked:
Python – Pythonista
Java – Jedona

I was able to write some interesting programs while on the go on both my iPhone and especially on my iPad. However, I have realised that for better productivity it is better to use a remote desktop solution to log in to my Windows machine and a VNC solution to log in to my MacBook.

Windows Mobile App (Previously called RD Client)
RealVNC Client

I have a static IP available for my home network; however, one can easily use a solution like noip.com to get a static domain name using the DDNS client built into the home router. I usually configure a port forward on my router to RDP into my Windows machine or VNC into my MacBook if the router does not support a VPN server. For better security I have set up a VPN server on my router and I make a VPN connection into my home network, effectively eliminating the need to open ports or do port forwarding.

Using the above approaches I no longer have to carry my laptops around and I use my iPad to do some work directly on iPad or via remote connection to my computers back home.

To manage my personal Linux servers in the cloud I use Blink. Combined with Mosh, I have found Blink to be a solid solution to SSH into my Linux boxes and do my work.

Blink

This type of setup has greatly reduced the amount of hardware I need to carry around. With one iPad and an iPhone I can work on most of my hobby projects and also do some of my office work.

Converting Chrome HAR file to CSV

It is sometimes easier to export a Chrome HAR file into CSV format so that it can be opened in Excel. Once opened in Excel, further analysis is easy even for very large HAR dumps.

The following solution is based on this link: https://stackoverflow.com/questions/31648078/how-to-import-har-file-to-excel

Install jq on Mac.

brew install jq

Run this command.

# -r makes jq print the @csv rows as raw text, so fields stay quoted and
# URLs that contain commas do not spill into extra columns.
jq -r '[ "URL", "Time", "Wait time", "Status", "Body size", "Content-Type", "Content-Encoding" ],
    (.log.entries[] | [
        .request.url,
        .time,
        .timings.wait,
        .response.status,
        .response.content.size,
        .response.content.mimeType,
        .response.content.encoding
]) | @csv' some_file.har > some_file.csv

This results in a CSV file which you can easily open in Excel.

To extract the path of the URL minus the file name the following Excel function can be used by adding a column:

=LEFT(A2,LEN(A2)-LEN(RIGHT(A2,LEN(A2)-FIND("@",SUBSTITUTE(A2,"/","@",LEN(A2)-LEN(SUBSTITUTE(A2,"/",""))),1))))

Viewing files in hex mode

Sometimes I need to look at files in their actual hexadecimal format. I use the combination of vi and hexdump to fulfill this requirement.

To simply view a file’s content in hex format I use this command on my Mac.

hexdump -C <file_name>

This typically is enough for the job at hand. However there is also another trick of using hexdump by leveraging vi command. I follow the following steps:

  • Start vi by typing “vi <file_name>” on the command line.
  • Type “:%!hexdump -C”
  • This will replace the contents of the vi screen with the hex view of the current file.
  • Save the file for future use.

Duplicating a Git repository

I was working in a personal Git repository and I wanted to make a duplicate copy of it under a different organisation. The following approach worked well for me:

Open Terminal / Command Prompt and clone the existing source repo:
git clone --bare https://your_source_repository_url

Make sure you don’t skip the “--bare” portion of the command line.
You will see that a new folder is created from your source repository.


Move inside the folder:
cd your_source_repository

Now we need to push the files from your source repository into your target repository:
git push --mirror https://target_repository_url

Make sure you don’t skip the “--mirror” portion of the command line. Also, this command has to be executed from inside the folder created by cloning the source repository.

Localhost Tunnels

I have started using ngrok for setting up localhost tunnels directly from my laptop. The basic idea is to start a web server on localhost and use ngrok to set up a tunnel to the internet. This is a very easy way to test local code and get it validated with other teammates. I will be looking out for an enterprise offering for this wonderful tool.

A very simple use case of ngrok is demonstrated in this video which is a tutorial for webhooks.

Bash Shell – Folder as tree

I like using the tree command in Linux. Thankfully it has been ported to Mac as well, and it is quite easy to get a tree representation of files and folders inside a directory on a shell. An article on Stack Overflow talks about it aptly. The original site is here.

In case you are using brew then it is quite easy peasy as shown below:

brew install tree

The following commands generate a tree view:

Generates a tree of all files and folders in the current directory:

tree

Generates a tree containing only folders in the current directory:

tree -d

Generates a tree containing only folders, 3 levels deep:

tree -d -L 3 .

In case you want to use the vanilla shell without installing anything (this doesn’t generate a tree, though):

find . -maxdepth 3 -type d

Code Structure Analysis Tool

I received a dump of a Java codebase which had multiple modules and I needed to analyse its structure. The following tool did quite a good job:

https://github.com/gdela/socomo

Basically the idea is to run it inside a Java project using a Maven command, and it creates an HTML file which shows the high-level structure of the code.

Note: Stan4J is also a very good tool which does a similar job but allows deeper analysis (up to 500 classes only).