Does anyone have successful experience using the MXTookBox App integration with SOAR? Specifically around email authentication (SPF/DKIM/DMARC)? My customer has a -all in their SPF record. They don't have SOAR. However, I would like to show them a use case around a spoofed email and run a playbook that queries their record and displays the -all instead of ~all. Which will help their ongoing troubleshooting of phishing and spoofed messages.
If you'd like to email directly I am at
michaelm@ibm.com.
Cheers,
Michael
------------------------------
Michael Marrochello
------------------------------