This is a user support group. -- Registered Linux User: #480675 Registered Linux Machine: #408606 Linux since June 2005
On Wed, Sep 23, 2020 at 5:10 AM viper king <kanakhanpago...@gmail.com> wrote: > > Hi There > any update ? > Thanks > > On Mon, Mar 30, 2020 at 1:58 AM viper king <kanakhanpago...@gmail.com> > wrote: > > > Hi There > > any update ? > > Thanks > > > > On Fri, 20 Mar 2020, 1:24 a.m. viper king, <kanakhanpago...@gmail.com> > > wrote: > > > >> > >> > >> Hi, > >> Severity : High. > >> Introduction: > >> There is a email spoofing vulnerability.Email spoofing is the forgery of > >> an email header so that the message appears to have originated from someone > >> or somewhere other than the actual source. Email spoofing is a tactic used > >> in phishing and spam campaigns because people are more likely to open an > >> email when they think it has been sent by a legitimate source. The goal of > >> email spoofing is to get recipients to open, and possibly even respond to, > >> a solicitation. > >> > >> Steps to Reproduce: > >> > >> 1.goto http://www.kitterman.com/spf/validate.html > >> 2.Enter domain name: http://pidgin.im/ and click spf record if any > >> under "Does my domain already have an SPF record? What is it? Is it valid?" > >> 3.You will see that no valid spf protection. > >> 4.So that why i try to send email using support@pidgin.im and i was > >> successfully delivered the messege to my email address. > >> > >> In addition to above checking, > >> > >> I used https://emkei.cz/ and send a test mail using > >> http://pidgin.im/domain > >> which was delivered successfully.This further confirms that the emails > >> spoofed. > >> > >> Impact > >> An attacker would send a Fake email. The results can be more dangerous. > >> > > > _______________________________________________ > Support@pidgin.im mailing list > Want to unsubscribe? Use this link: > https://lists.pidgin.im/listinfo/support _______________________________________________ Support@pidgin.im mailing list Want to unsubscribe? Use this link: https://lists.pidgin.im/listinfo/support
