Search Go hack yourself with Detectify

A web security blog from Detectify

SPF Record Research

September 30, 2016

To prevent email spoofing, it is important to manually configure email authentication systems to the highest standard. This is a complicated process that often results in misconfigured email servers or companies simply skipping authentication and leaving their domain at risk of being spoofed. Here you can find our SPF research as well as a guide to help you configure your email server’s authentication.

Misconfigured email servers open the door to spoofed emails from top domains

We have researched the email authentication configuration of the top 500 Alexa sites and discovered that less than half of the domains had proper email authentication in place.

(TIVI): “Sähköpostihuijari, tervetuloa!” – Suomen yritykset suojautuvat järkyttävän heikosti

After looking into the SPF records of the world’s top domains, we checked the configurations of Finland’s largest companies and found that the majority lacked security measures preventing email spoofing.