In the short time I've been in the #
Mastodon #
Fediverse so far, I've talked a lot about how #
DMARC can help prevent #
spoofed #
emails from being delivered to their targets, in light of a wave of Mastodon-themed phishing. That made me wonder, "How many Mastodon instances have a DMARC record on their domain? How many of those are set up to properly?" For their own security Users should join servers with an enforced DMARC policy, and instance admins should enforce DMARC on their domains to protect users and attract a security conscious userbase.
I wrote a script that queries instances.social for the 1000 top Mastodon instances based on the number of active users, feeds that list to #
checkdmarc to query for, parse, and validate DMARC #
DNS records. Here are the results.
https://github.com/seanthegeek/mastodon-dmarc-surveyAs of earlier today, 148 instances with a combined 295, 975 active users had an enforced DMARC policy (p=quarantine or p=reject). 113 instances with a combined 168,965 active users have deployed a monitor only policy, 3 instances with a combined 577 active users have an invalid DMARC record, and 113 instances with a combined 486,972 active users don't have any DMARC record.
As I looked through the list of instances, I noticed that infosec.exchange is now the 7th largest Mastodon instance on the public internet, with 18,328 active users (and counting. Thanks @
jerry!
#
Infosec #
InformationSecuriy #
phish #
phishing #
spoofing #
adminsofmastodon #
OpenSource #
OpenSourceSoftware #
FLOSS #
Python #
CLI #
API