NO VALID SPF RECORD - Email Spoofing

          NO VALID SPF RECORD 

                       

 

              what is spf record

     The Sender Policy Framework (SPF) is an email-authentication address which is acclimated to anticipate spammers from sending letters on account of your domain. With SPF an organisation can broadcast accustomed mail servers. Together with the DMARC accompanying information, this gives the receiver (or accepting systems) advice on how accurate the agent of an email is. SPF is, aloof like DMARC, an email affidavit address that uses DNS (Domain Name Service). This gives you, as an email sender, the adeptness to specify which email servers are acceptable to accelerate email on account of your domain.

 

SPF was mentioned for the aboriginal time in 2000. In the afterward years, the SPF blueprint developed in assorted drafts. Meanwhile the aboriginal name SPF (Sender Permitted From) afflicted to Sender Policy Framework.

An SPF alive accumulation of IETF approved to amalgamate SPF and Microsoft’s CallerID proposal. A abutting attack was fabricated with the “classic” adaptation of SPF. This advance to the aboriginal beginning RFC in 2006 and, eventually in 2014 the proposed accepted SPF, accustomed beneath RFC 7208 in 2014.

Nowadays email affidavit techniques such as SPF accept acquired and advance to techniques such as DKIM and DMARC. SPF still fulfills an important role to actuate whether an email is DMARC Compliant.

        How To Find No Valid Spf Record

             1.visit: kitterman.com/spf/validate.html

2.enter you target website name for example: facebook.com

 3.if you find the following error "no valid spf record" it means          vulnerable to spf

 4.if you find "Found v=spf1 record" then its not vulnerable to spf