DMARC

From this LinkedIn post How to spear phish someone in 2024 even if SPF is enabled and active

• Verify Target's DMARC “p” flag is set to “none” (many are!)
• Buy a closely related official-sounding domain name (~ $12)
• Create a Linux VM or cloud-based VPS
• Verify port 25 outbound traffic is permitted (some clouds block it)
• Install Postfix
• Configure your domain's A and SPF records in DNS
• Craft your phishing email
• Connect to your Postfix mail server
• Copy and paste your message
• Send

dig @1.1.1.1 TXT _dmarc.grayhatacademy.com

; <<>> DiG 9.16.38 <<>> @1.1.1.1 TXT _dmarc.grayhatacademy.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1585
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;_dmarc.grayhatacademy.com.     IN      TXT

;; ANSWER SECTION:
_dmarc.grayhatacademy.com. 600  IN      TXT     "v=DMARC1; p=quarantine; rua=mailto:terry@grayhatacademy.com; pct=100; sp=none; adkim=r; aspf=r"

;; Query time: 31 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mon Mar 25 20:47:16 GMT Standard Time 2024
;; MSG SIZE  rcvd: 161

'v=DMARC1; p=none;…'' is what you are looking for