Critical Bug on Your Website
Muhammad Zeeshan
avenger0346 at gmail.com
Wed Sep 23 15:22:09 EDT 2015
First BUG: Missing SPF flags for http://pidgin.im
<http://hackersonlineclub.com>
I just checked for SPF records for the pidgin.im domain, and there are
none, effectively allowing for spam (spoof) to originate from that domain.
You can validate by testing yourself here: http://www.kitterman.com/spf/validate.html
I strongly recommend you to read this article:
https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability
Check this report too!
https://hackerone.com/reports/54779
And the amount of bounty$ too! :)
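
The check the message describes, as an added example that is not part of the original message or of the Pidgin project: a classifier for a domain's SPF posture, given the TXT strings already fetched for it. The function name, labels and sample records are assumptions constructed for illustration; no DNS lookup is performed.

```python
# Added example: classify SPF posture from a domain's TXT records
# (record selection and defaults follow RFC 7208 sections 4.5 and 4.7).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_posture(txt_records):
    """Return none, permerror, redirect, or the result of the 'all' term."""
    # An SPF record is a TXT string whose first token is exactly "v=spf1".
    spf = [r.strip() for r in txt_records
           if r.strip().lower().split(" ", 1)[0] == "v=spf1"]
    if not spf:
        return "none"        # no policy published: the case reported above
    if len(spf) > 1:
        return "permerror"   # more than one SPF record is an error
    redirect = False
    for term in spf[0].split()[1:]:
        t = term.lower()
        if t.startswith("redirect="):
            redirect = True  # only used when no mechanism matches
            continue
        qualifier, mech = (t[0], t[1:]) if t[0] in QUALIFIERS else ("+", t)
        if mech == "all":
            return QUALIFIERS[qualifier]  # terms after "all" are ignored
    # No "all": the policy lives elsewhere, or the default result is neutral.
    return "redirect" if redirect else "neutral"

# Constructed sample TXT record sets (not real DNS data).
SAMPLES = {
    "no-txt.example": [],
    "unrelated-txt.example": ["site-verification=constructed-token"],
    "strict.example": ["v=spf1 mx -all"],
    "soft.example": ["v=spf1 include:_spf.example.net ~all"],
    "open.example": ["v=spf1 +all"],
    "no-all.example": ["v=spf1 a mx"],
    "duplicate.example": ["v=spf1 mx -all", "v=spf1 a ~all"],
    "delegated.example": ["v=spf1 redirect=_spf.example.net"],
}

def report(samples=SAMPLES):
    """Map each sample domain to its SPF posture label."""
    return {domain: spf_posture(txt) for domain, txt in samples.items()}

if __name__ == "__main__":
    for domain, posture in report().items():
        print(f"{domain:24} {posture}")
```

Only `fail` and `softfail` tell a receiver to treat unlisted senders as suspect; `none`, `neutral` and `pass` leave the decision to the receiver's other checks.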