No valid SPF record found
Unknown
Vulnerability Details
Email spoofing is possible
To verify:
visit : https://www.kitterman.com/spf/validate.html and type your domain name to check SPF records
you can see the results as: No valid SPF record found.
POC:
1. visit: https://emkei.cz/
2. fill the from email as [email protected]
3.To email as victim email address, enter subject, data and click send.
4. you will receive the email in your inbox
## Impact
Email spoofing
Actions
View on HackerOneReport Stats
- Report ID: 1187001
- State: Closed
- Substate: not-applicable
- Upvotes: 1