From 127086eb444afc3a6df18958d5cbb08f58fffe16 Mon Sep 17 00:00:00 2001 From: Rishi Date: Sun, 24 Mar 2024 11:58:26 +0000 Subject: [PATCH] bimi detect --- dns/bimi-detect.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 dns/bimi-detect.yaml diff --git a/dns/bimi-detect.yaml b/dns/bimi-detect.yaml new file mode 100644 index 0000000000..35b42ccff2 --- /dev/null +++ b/dns/bimi-detect.yaml @@ -0,0 +1,24 @@ +id: bimi-record-detect + +info: + name: BIMI Record - Detection + author: rxerium + severity: info + description: | + A BIMI record was detected + reference: + - https://postmarkapp.com/blog/what-the-heck-is-bimi + tags: dns,bimi + +dns: + - name: "{{FQDN}}" + type: TXT + matchers: + - type: word + words: + - "v=BIMI1" + + extractors: + - type: regex + regex: + - "v=BIMI1(.+)" \ No newline at end of file