No SPF record found

Description

During the scan, Kayran has detected that no SPF record was found in your site.
We use the SPF record (Sender Policy Framework) to verify the identity of the sender whether it’s email or otherwise, it lists the IP addresses from, and to, which you can send emails on behalf of the domain.
That means that a prompt has indicated that for you.
The prompt simply tells you that your domain is not being configured with a SPF email authentication standard.

An attacker might exploit it in order to perform “spamming” by using your domain for phishing users.
Also, your sent emails will most likely end up in the “Spam” or “junk” folders of the destination since your “reputation” (which is given to you by the Internet Service Providers – ISPs) is poor.

Recommendation

To fix it, all you need to do is configure a SPF for your domain by publishing a DNS .TXT record that will list all the IP addresses that may receive emails on behalf of the domain.
Make sure that the record is written using the correct syntax.

References

https://support.google.com/a/answer/10685031?hl=en

< Return to all Vulnerabilities

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Read More »

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »