Report an incident
Report an incident

MailGoose: Your Solution to Curb E-mail Spoofing
08 July 2024 | CERT Polska | #MailGoose

Mailgoose allows domain admins to check whether domains in their organization have anti-spoofing mechanisms (SPF, DMARC, and DKIM) configured correctly. Since e-mail spoofing is a popular technique used by criminals, having e-mail security protocols in place significantly decreases the chances of the domain being used in such an attack.

Mailgoose – About the Project

Mailgoose was first created as Bezpieczna Poczta (bezpiecznapoczta.cert.pl) to protect e-mail users and enable institutions to check e-mail security configuration. The tool is used by both public and private institutions in Poland. Since August 2023 over 25k domains have been scanned.

From Bezpieczna Poczta to mailgoose

The CERT PL team wants to facilitate the creation of similar tools for other national CSIRTs. Hence, we decided to make the source code of the Bezpieczna Poczta tool available on GitHub under the more user-friendly name - mailgoose. We are proud to announce that one other national CSIRT in Europe is already using its instance of mailgoose based on our code and several other European countries are also interested.

Using mailgoose

Mailgoose was created with simplicity in mind. It provides two ways of checking e-mail configuration:

Sending a Test Mail

This option generates an e-mail address. The user needs to send a test mail from the domain they want to check. The information about SPF, DMARC, and DKIM configuration status will be displayed after a few seconds.

However, we all know that sending a test e-mail may appear troublesome to some users. With this in mind, we provide a simplified verification method. Its only downside is that it only checks SPF and DMARC configuration leaving the state of DKIM unknown.

Domain Check

With this option, you need to enter the domain address in the provided box, click “Check” and wait a few seconds for the results.

It’s worth noting that using SPF, DMARC, and DKIM doesn’t require any action from regular e-mail users. Once the mechanisms are correctly configured, all messages are verified automatically.

Get mailgoose

If you’re considering setting up your own instance of mailgoose visit github.com/CERT-Polska/mailgoose. If you have any questions don’t hesitate to contact us.

Share: