© Sanjib Sinha 2019
S. Sinha, Bug Bounty Hunting for Web Security, https://doi.org/10.1007/978-1-4842-5391-5_7

7. Poisoning Sender Policy Framework

Sanjib Sinha, Howrah, West Bengal, India

Sender Policy Framework (SPF) is a technical standard that helps protect e-mail senders and recipients from spam, spoofing, and phishing. It’s a form of e-mail authentication.

Consider an imaginary situation. My web site address is https://sanjibsinha.fun. Now, I use a few e-mail addresses for various purposes. I send e-mails from these addresses and get replies to those addresses. One of them is support@sanjibsinha.fun. If my SPF is not correct, that is to say, if I don’t maintain the regulated technical standard for that purpose, then any bad guy can send e-mails ...
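One way to check whether a domain's SPF is "correct" in the sense above, as an added example (not code from the book): a static audit of the TXT records a domain publishes, following the SPF record syntax in RFC 7208. The function name, finding labels and sample records are assumptions constructed for illustration.

```python
# Added example: static audit of SPF TXT records (syntax per RFC 7208).
# Terms that cost the receiver a DNS query; RFC 7208 caps these at 10.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
WEAK_ALL = {"+": "pass-all", "?": "neutral-all", "~": "softfail-all"}

def audit_spf(txt_records):
    """Return a list of findings for the TXT records published at one domain."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no-spf-record"]          # receivers have no policy to check
    if len(spf) > 1:
        return ["multiple-spf-records"]   # evaluation ends in permerror
    findings, lookups, all_qualifier, redirect = [], 0, None, False
    for term in spf[0].split()[1:]:
        low = term.lower()
        name, eq, _ = low.partition("=")
        if eq and ":" not in name and "/" not in name:  # modifier (name=value)
            if name == "redirect":
                redirect, lookups = True, lookups + 1
            continue
        qualifier = low[0] if low[0] in "+-~?" else "+"  # default is "+" (pass)
        mech = low.lstrip("+-~?").replace("/", ":").split(":")[0]
        if mech in LOOKUP_TERMS:
            lookups += 1                  # static estimate, nested includes not followed
        if mech == "all":
            all_qualifier = qualifier
            break                         # terms after "all" are never evaluated
    if all_qualifier in WEAK_ALL:
        findings.append(WEAK_ALL[all_qualifier])
    elif all_qualifier is None and not redirect:
        findings.append("no-all-mechanism")  # unmatched senders get "neutral"
    if lookups > 10:
        findings.append("too-many-dns-lookups")
    return findings

# Constructed sample TXT record sets (not real DNS data).
SAMPLES = {
    "strict": ["v=spf1 include:_spf.example.net -all"],
    "open": ["v=spf1 +all"],
    "missing": ["site-verification=constructed-token"],
    "duplicate": ["v=spf1 mx -all", "v=spf1 ip4:192.0.2.0/24 -all"],
}

if __name__ == "__main__":
    for label, records in SAMPLES.items():
        print(label, audit_spf(records) or ["ok"])
```

An empty result means the record ends in `-all` and stays within the lookup limit; `softfail-all` is worth reviewing rather than an outright failure.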
