Closed
Bug 1438836
Opened 7 years ago
Closed 7 years ago
No SPF records on taskcluster.net
Categories
(Infrastructure & Operations :: DNS and Domain Registration, task)
Infrastructure & Operations
DNS and Domain Registration
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: miteshpa789, Unassigned)
References
(Blocks 1 open bug, )
Details
(Keywords: reporter-external, Whiteboard: [reporter-external] [web-bounty-form] [verif?])
What Is SPF/TXT Records?
An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain.
Checking Missing SPF:-
There Are Various Ways of Checking Missing SPF Records on a website But the Most Common and Popular way is kitterman.com
Steps to Check SPF Records on a website:-
Go to http://www.kitterman.com/spf/validate.html
Enter Target Website :taskcluster.net
Hit Check SPF (IF ANY)
If You seem any SPF Record than Domain is Not Vulnerable But if you see Nothing Here then "HURRAY! You Found a Bug"
Attack Scenario & PoC:-
Once There is No SPF Records.An Attacker Can Spoof Email Via any Fake Mailer Like Emkei.cz.An Attacker Can Send Email From name "Support" and Email: "support@target.com" With Social Engineering Attack He Can TakeOver User Account Let Victim Knows the Phishing Attack but When He See The Email from the Authorized Domain.He Got tricked Easily.
Flags: sec-bounty?
|
||
Comment 1•7 years ago
|
||
taskcluster.net should probably get SPF records, but marking as sec-bounty-, as bugs related to SPF/DKIM/DMARC are not eligible for the bug bounty program:
https://www.mozilla.org/en-US/security/web-bug-bounty/
Blocks: dmarc-everything
Group: websites-security → mozilla-employee-confidential
Component: Other → General
Flags: sec-bounty? → sec-bounty-
Product: Websites → Taskcluster
Summary: SPF/TXT Records → No SPF records on taskcluster.net
|
||
Comment 2•7 years ago
|
||
Hi DNS folks.. can you do the thing April suggests?
We don't use @taskcluster.net for email at all, so this can be a record that says "no email is valid". Same for taskcluster-workers.net and taskcluster-artifacts.net.
Assignee: nobody → infra
Component: General → Infrastructure: DNS
Product: Taskcluster → Infrastructure & Operations
QA Contact: cshields
|
|
||
Comment 3•7 years ago
|
||
More specifically, that SPF record would be "v=spf1 -all", which simply says that the site sends no mail.
|
||
Comment 4•7 years ago
|
||
I added the SPF record as described in comment 3 for taskcluster.net, but taskcluster-workers.net and taskcluster-artifacts.net are operated on route53.
Assignee: infra → bhourigan
|
|
||
Updated•7 years ago
|
Assignee: bhourigan → infra
|
|
||
Comment 6•7 years ago
|
||
Flags: needinfo?(dustin)
|
|
||
Comment 7•7 years ago
|
||
landed for taskcluster-artifacts.net
|
|
||
Updated•7 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
|
||
Updated•10 months ago
|
Group: mozilla-employee-confidential
|
||
Updated•9 months ago
|
Keywords: reporter-external
You need to log in
before you can comment on or make changes to this bug.
Description
•