

Email Spoofing Attack: Demonstration and Defense using DNS-based Authentication
Abstract
Email spoofing remains a serious cybersecurity concern, exploiting weaknesses in email protocols like SMTP to carry out phishing and fraud. This report effectively demonstrates how such attacks can be simulated and detected using tools like Mailtrap and Python scripting. More importantly, it offers a practical roadmap to defend against spoofing through the implementation of SPF, DKIM, and DMARC—three essential DNS-based authentication protocols.
By combining technical safeguards with strategic practices such as regular monitoring and employee awareness, the report concludes that a multi-layered, proactive approach is key to mitigating email spoofing threats. The document serves not just as a theoretical overview, but as a hands-on guide for professionals aiming to enhance organizational email security in line with industry standards.
References
Akinyelu, A. A., & Adewumi, A. O. (2018). Classification of phishing email using random forest machine learning technique. Journal of Applied Security Research, 13(2), 212-225.
Gupta, B. B., Tewari, A., Jain, A. K., & Agrawal, D. P. (2020). Fighting against phishing attacks: state of the art and future challenges. Neural Computing and Applications, 28, 3629–3654.
Chandrasekaran, M., Narayanan, K., & Upadhyaya, S. (2006). Phishing email detection based on structural properties. NYS Cyber Security Conference.
Olusegun, A., Shukla, A., & Chaturvedi, S. (2022). A comprehensive study of email authentication protocols and their effectiveness in mitigating spoofing attacks. Journal of Cybersecurity and Privacy, 2(1), 89-106.
Mailtrap Documentation: https://mailtrap.io/docs/
Python SMTP library documentation: https://docs.python.org/3/library/smtplib.html
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015). Cutting the Gordian knot: A look under the hood of ransomware attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24). Springer.
Rouse, M. (2019). Business Email Compromise (BEC). TechTarget. Available: https://www.techtarget.com/searchsecurity/definition/business-email-compromise
Refbacks
- There are currently no refbacks.