add bibtex

README.md

@@ -1,8 +1,5 @@
 # EmailSpoofingTestTools
 
-> This tool is based on our latest research,"Weak Links in Authentication Chains: A Large-scale
-> Analysis of Email Sender Spoofing Attacks", accepted at USENIX Security '21.
-
 EmailSpoofingTestTools is a fuzzing tool for email sender spoofing attacks. This fuzzing tool can generate a number of test samples based on the ABNF grammar for authentication-related headers. Besides, we also provide an evaluation module to help email administrators to evaluate and increase their security. 
 
 Our research systematically analyzes the email delivery process based on the four key stages of authentication: sending authentication, receiving verification, forwarding verification and UI rendering. 
@@ -19,6 +16,26 @@ The following figure shows a spoofing example to impersonate [email protected] vi
 
 
 
+## How to cite us
+
+This tool is based on our latest research,"[Weak Links in Authentication Chains: A Large-scale
+Analysis of Email Sender Spoofing Attacks](https://shenkaiwen.com/files/papers/A_Large_scale_Analysis_of_Email_Spoofing_Attacks_USENIX_2021.pdf)", accepted at [USENIX Security '21](https://www.usenix.org/conference/usenixsecurity21/presentation/shen-kaiwen)) .
+
+If you want to cite us, please use the following (BibTeX) reference:
+
+```bash
+@inproceedings {shen21weaklinks,
+	author = {Kaiwen Shen, Chuhan Wang, Xiaofeng Zheng, Minglei Guo, Chaoyi Lu, Baojun Liu, Yuxuan Zhao, Shuang Hao, Haixin Duan, Qingfeng Pan and Min Yang},
+	title = {Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks},
+	booktitle = {30th {USENIX} Security Symposium ({USENIX} Security 21)},
+	year = {2021},
+	address = {Vancouver, B.C.},
+	url = {https://www.usenix.org/conference/usenixsecurity21/presentation/shen-kaiwen},
+	publisher = {{USENIX} Association},
+	month = aug,
+}
+```
+
 ## Install
 
 - Make sure have python3 installed in your computer.

core/MTA.py

@@ -58,7 +58,6 @@ def spoof(mail_from, to_email, subject, content, mime_from=None, mime_from1=None
 
     mx_domain = get_mx(to_domain)
     # print("mx_domain:",mx_domain)
-    # print("666")
     if mx_domain is None:
         logger.warn("Can't not resolve mx: " + to_domain)
 

core/SMTP.py

@@ -1,16 +1,11 @@
 # -*- coding: utf-8 -*-
-import imaplib
 from util import smtplib
 from config import logger
 from email.mime.multipart import MIMEMultipart
 from email.mime.text import MIMEText
 from email.header import Header
 from email.mime.image import MIMEImage
 
-"""
-SMTP base class
-"""
-
 
 class SendMailDealer:
     def __init__(self, user, passwd, smtp, port, usetls=True, debug_level=0, filename=None):
@@ -48,7 +43,7 @@ def mail_init(self, ehlo=None):
                 self.mailServer.ehlo(ehlo)
             except Exception as e:
                 logger.error(e)
-                logger.error(u"{} This service is not supported with high probability STARTTLS".format(self.smtpServer))
+                logger.error(u"The {} service don't support with STARTTLS method. ".format(self.smtpServer))
         self.mailServer.login(self.mailUser, self.mailPassword)
 
     def addTextPart(self, text, text_type):
@@ -162,7 +157,3 @@ def sendMail(self, to_email, info=None, subject=None, content=None, mail_from=No
         # logger.debug('Sent email to %s' % self.msg['To'])
 
 
-class ReceiveMailDealer:
-    def __init__(self, username, password, server):
-        self.mail = imaplib.IMAP4_SSL(server)
-        self.mail.login(username, password)

evaluate.py

@@ -4,7 +4,6 @@
 import mta_send as direct
 from config import *
 
-BASE_DIR = os.path.dirname(os.path.abspath(__file__))
 LOG_FILE = BASE_DIR + '/log/mta.log'
 logger = init_log(LOG_FILE)