Vulnerability Name: DMARC RECORD MISSING
Vulnerable URL: https://www.sparta.eu/
HOW TO REPRODUCE (POC ATTACHED):
1. GO TO https://mxtoolbox.com/
2. ENTER THE WEBSITE (sparta.eu).
CLICK GO.
3. YOU WILL SEE THE FAULT (No DMARC Record found).
4. In the new page that loads change MXLookup to DMARCLookup.
Extra information
Impact:
Spammers can forge the "From" address on email messages to make messages
appear to come from someone in your domain.
If spammers use your domain to send spam or junk email, your domain quality
is negatively affected.
People who get the forged emails can mark them as spam or junk, which can
impact authentic messages sent from your domain.
Attachment:
Hi,
There is an issue: no valid SPF records.
*Description :*
There is an email spoofing vulnerability. Email spoofing is the forgery of
an email header so that the message appears to have originated from someone
or somewhere other than the actual source. Email spoofing is a tactic used
in phishing and spam campaigns because people are more likely to open an
email when they think it has been sent by a legitimate source. The goal of
email spoofing is to get recipients to open, and possibly even respond to,
a solicitation.
*I found :*
SPF record lookup and validation for: sparta.eu
[image: 01.png]
*Phishing mail png:*
[image: 02.png][image: 03.png]
*Impact:* Any attacker can send fake emails to the sparta.eu users. The
results can be more dangerous.
*Remediation :* Replace ~all with -all to prevent fake email.
*Reference :*
https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-t…
Thank you.
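
The two findings in this report (no DMARC record, and an SPF record ending in `~all` instead of `-all`) can be checked mechanically. The following is an added example, not part of the original report: the function names are hypothetical, and the TXT records are constructed for the placeholder domain example.com rather than taken from any real lookup.

```python
# Constructed TXT records for the placeholder domain example.com; they are
# not the real records of any domain named in the report.
WEAK = {
    "example.com": ["v=spf1 include:_spf.example.net ~all"],
    "_dmarc.example.com": [],  # lookup returned nothing: "No DMARC Record found"
}
HARDENED = {
    "example.com": ["v=spf1 include:_spf.example.net -all"],
    "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"],
}

def spf_all_qualifier(txt_records):
    """Return the qualifier of the SPF 'all' mechanism ('+', '-', '~', '?'), or None."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # no SPF record, or several (a permanent error for receivers)
        return None
    for term in spf[0].lower().split()[1:]:
        if term in ("all", "+all", "-all", "~all", "?all"):
            return term[0] if term[0] in "+-~?" else "+"  # bare "all" means "+all"
    return None

def dmarc_policy(txt_records):
    """Return the p= value of the DMARC record, or None if there is no usable record."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return None
    pairs = (part.partition("=") for part in recs[0].split(";"))
    tags = {k.strip().lower(): v.strip() for k, _, v in pairs if k.strip()}
    return tags.get("p", "").lower() or None

def audit(domain, zone):
    """List the spoofing-related weaknesses found in a domain's TXT records."""
    findings = []
    q = spf_all_qualifier(zone.get(domain, []))
    if q is None:
        findings.append("SPF: no single valid record with an 'all' mechanism")
    elif q != "-":
        findings.append(f"SPF: '{q}all' does not hard-fail unauthorized senders")
    p = dmarc_policy(zone.get("_dmarc." + domain, []))
    if p is None:
        findings.append("DMARC: no record found")
    elif p == "none":
        findings.append("DMARC: p=none only monitors, it does not block")
    return findings

if __name__ == "__main__":
    for name, zone in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit("example.com", zone))
```

In practice the TXT strings would come from a DNS lookup of the domain and of `_dmarc.<domain>`; they are embedded here so the check runs offline.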