Email spoofing (for lack of a better word) options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2018 12:18 PM
Currently, our company uses SolarWinds as our monitoring solution. From the SW interface, I can set up 'dummy' alerts and generate them as needed for testing. The great thing about these alerts is that I can make them look like they come 'from' any address I choose. This is priceless when testing inbound email actions, which we have a bunch of.
My dilemma is that we are getting rid of SW and I will no longer have the ability to 'spoof' from addresses in emails. I am wondering what other tools are out there that would provide me with the same functionality?
Thanks for any suggestions!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2018 03:55 PM
ServiceNow allows you to override the 'from' address as follows:
Normal 'from' is set to be from your ServiceNow instance address.
1. Override in an email account - all email sent via that account is given the 'from' address instead of the default.
See https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/administer/notification/concept/c_EmailAccounts.html
2. In an individual notification - all emails generated just for that notification override the from in the Email Account configuration.
https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/administer/notification/task/t_CreateANotification.html
Pay attention to caveats.
Your question implies a simple testing (not production) scenario, but if your production or testing scenarios actually require email delivery this section is applicable.
Spoofing email like this requires you make changes so that the domain you claim to be sending from has registered you as a valid sending domain. Otherwise, many spam detection services may flag your email as junk. (ie if you claim to be sending from 'foo@bar.com', the bar.com's SPF record must be updated to declare which hosts and/or IPs are legitimately allowed to send on behalf of bar.com.)
KB0535456 This KB describes whitelisting ServiceNow servers via SPF records
Secondarily, if you actually did this then any replies will go the this 'foo@bar.com address. Your mail infrastructure needs to be configured to forward to the ServiceNow instance if that is where the reply processing is intended to be done.
https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/administer/reference-pages/task/t_ConfStandEmailAddDomain.html.
https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/administer/reference-pages/reference/network-layout-email-forwarding.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-12-2018 05:40 AM
Thank you for your thoughtful response, but I am not intending to spoof an outgoing address. I am looking for legitimate ways to spoof incoming addresses, so that I can properly test all processing of incoming email, as many of our inbound actions react according to the domain of the from address on the incoming email.
As another example, we need to process emails from unknown users in a specific way and differently from the way we process emails from known users, which I imagine is a very common scenario. Having access to an application that will allow me to send email to our dev instance that looks like it comes from any address I choose allows me to test those scenarios.
