
Information Disclosure: Spoofable SPF Records with PTR Mechanism

Identifier: spoofable_spf_records_ptr_mechanism

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

SPF records in DNS that contain a ptr mechanism are spoofable: the mechanism relies on reverse DNS, which can be manipulated, potentially allowing attackers to bypass email authentication and send spoofed emails on behalf of the domain.

How we test: We retrieve the SPF record from the domain's DNS TXT records and check whether it contains a ptr mechanism. We verify that the SPF record is configured to prevent email spoofing and flag any use of the ptr mechanism, which is known to be spoofable.
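The check described above can be reproduced offline on record text you have already fetched. The following is an added example, not the scanner's own code: it selects the v=spf1 record from a domain's TXT strings, parses each term as a mechanism or modifier, and reports every ptr term regardless of qualifier (RFC 7208 section 5.5 says ptr SHOULD NOT be used, so even a fail-qualified ptr still triggers the reverse lookups). The domains and TXT strings in SAMPLE_TXT are constructed for the example and do not belong to any real zone; the function and class names are this example's own.

```python
"""Detect the ptr mechanism in SPF records (offline, on already-fetched TXT data).

Added example, not the scanner's own implementation. Feed it the TXT strings
you obtained from DNS for a domain; nothing here performs network lookups.
"""
import re
from dataclasses import dataclass, field

QUALIFIERS = "+-~?"
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}

# qualifier?  name  (":" or "/" argument)?   e.g. "-ptr:mail.example", "ip4:192.0.2.0/24"
TERM_RE = re.compile(r"^([+\-~?])?([a-z][a-z0-9_.-]*)(?:([:/])(.*))?$", re.IGNORECASE)
VERSION_RE = re.compile(r"^v=spf1(\s|$)", re.IGNORECASE)


@dataclass
class SpfFinding:
    domain: str
    record: str                                      # the v=spf1 record that was analysed
    ptr_terms: list[str] = field(default_factory=list)  # every ptr term, with its qualifier
    errors: list[str] = field(default_factory=list)     # structural problems found on the way

    @property
    def vulnerable(self) -> bool:
        return bool(self.ptr_terms)


def analyze_spf(domain: str, txt_records: list[str]) -> SpfFinding:
    """Return a finding for one domain given all of its TXT strings."""
    finding = SpfFinding(domain=domain, record="")
    spf = [r for r in txt_records if VERSION_RE.match(r)]
    if not spf:
        finding.errors.append("no SPF record")
        return finding
    if len(spf) > 1:
        # RFC 7208 section 4.5: more than one v=spf1 record is a permerror.
        finding.errors.append("multiple SPF records (permerror per RFC 7208 section 4.5)")
    finding.record = spf[0]

    for term in spf[0].split()[1:]:          # skip the "v=spf1" version token
        if "=" in term and term[0] not in QUALIFIERS:
            continue                          # modifier such as redirect= or exp=, not a mechanism
        match = TERM_RE.match(term)
        if not match:
            finding.errors.append(f"unparseable term {term!r}")
            continue
        _qualifier, name, _sep, _arg = match.groups()
        name = name.lower()
        if name not in MECHANISMS:
            finding.errors.append(f"unknown mechanism {term!r}")
            continue
        if name == "ptr":
            finding.ptr_terms.append(term)    # "ptr" and "ptr:<domain>" are both flagged
    return finding


def scan(records_by_domain: dict[str, list[str]]) -> dict[str, SpfFinding]:
    """Analyse several domains and return only those with a ptr mechanism."""
    results = {d: analyze_spf(d, txt) for d, txt in records_by_domain.items()}
    return {d: f for d, f in results.items() if f.vulnerable}


# Constructed sample data for the example; these are not real domains' records.
SAMPLE_TXT = {
    "vuln.example": ["v=spf1 mx ptr ~all", "site-verification=abc123"],
    "vuln2.example": ["v=spf1 ip4:192.0.2.0/24 -ptr:mail.vuln2.example -all"],
    "ok.example": ["v=spf1 ip4:192.0.2.10 include:_spf.example.net -all"],
    "dup.example": ["v=spf1 -all", "v=spf1 mx -all"],
    "none.example": ["site-verification=xyz789"],
}

if __name__ == "__main__":
    for domain, finding in scan(SAMPLE_TXT).items():
        print(f"{domain}: ptr mechanism present -> {finding.ptr_terms} in {finding.record!r}")
```

To run this against live data, fetch the domain's TXT records with your resolver of choice and pass the strings to analyze_spf; the parser deliberately ignores modifiers (redirect=, exp=) and does not follow include: chains, so a ptr hidden behind an included record would need the included domain scanned as well. Remediation is to replace ptr with explicit ip4:, ip6:, a, mx or include: mechanisms that enumerate the actual sending hosts.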

Reference:

Configuration

Example

Example configuration:

---
security_tests:
  spoofable_spf_records_ptr_mechanism:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.