MEDIUMCWE-345Email Security
SPF Record Missing
Description
Your domain lacks an SPF DNS record, allowing attackers to send forged emails that appear to come from your domain.
How Vezraa Detects It
We query your domain's TXT records and check for the presence of a valid SPF record starting with v=spf1.
Real-World Impact
Attackers can send phishing emails from your domain, damaging your brand trust and tricking your users into revealing credentials.
Fix Example
v=spf1 include:_spf.google.com include:sendgrid.net ~all
Affected Stacks
DNSEmail