Package: spfqtool
Version: 0.999-1.0.0-p3-3
Severity: important

The libspf0 library is unable to parse the SPF record for paypal.com. I have classified this bug as 'important' because paypal.com is one of the Internet's most frequently forged domains, and the "DUNNO" response from whitelister (which uses the same libspf0 implementation of the SPF standard) opens a serious hole for phishing attacks. I have installed spftool and produced the same parsing problem on the command line.

Here is the output of a query against the paypal.com SPF record using spfqtool:

[EMAIL PROTECTED]:~]$ spfqtool -d 255 -e 1 -i 1.2.3.4 -h mail.example.com -s [EMAIL PROTECTED]
SPF Query Tool v0.4 - James Couzens <[EMAIL PROTECTED]>

[DEBUG]: Debugging level: 255
[DEBUG]: RFC2821 Mail From: [EMAIL PROTECTED]
[DEBUG]: RFC2821 HELO: mail.example.com
[DEBUG]: Purported address: 1.2.3.4
[DEBUG]: SPF Explanation: Enabled
[DEBUG]: Trusted Forwarder: Disabled
[DEBUG]: Best Guess: Disabled

SPF short result: unknown
SPF verbose result: policy result: [unknown] from rule [~all]
SPF explanation: NULL
RFC2822 header: Received-SPF: unknown (mail.example.com: domain of [EMAIL PROTECTED] encountered an error while parsing (check SPF record paypal.com for errors))

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.20-linode28
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages spfqtool depends on:
ii  libspf0  0.999-1.0.0-p3-3  the ANSI C SPF reference library (

spfqtool recommends no packages.

-- no debconf information
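An added example, not part of the original report and not code from libspf0, spfqtool or whitelister: a post-check that reads the Received-SPF header in the form shown above and refuses to treat a parse error as a neutral result when the record belongs to a frequently forged domain. The PROTECTED_DOMAINS set, the action names and the sample addresses are assumptions made for illustration.

```python
import re

# Assumption: domains this site treats as frequent forgery targets.
PROTECTED_DOMAINS = {"paypal.com"}

# "Received-SPF: <result> (<comment>)"; the comment may hold nested parentheses.
HEADER_RE = re.compile(
    r"^Received-SPF:\s*(?P<result>[A-Za-z]+)\s*(?:\((?P<comment>.*)\))?\s*$", re.S)
# Wording taken from the spfqtool output quoted in the report.
RECORD_RE = re.compile(r"check SPF record (?P<domain>\S+) for errors")


def classify(header):
    """Return (result, record_domain, action) for one Received-SPF header."""
    m = HEADER_RE.match(header.strip())
    if not m:
        return ("malformed", None, "quarantine")
    result = m.group("result").lower()
    comment = m.group("comment") or ""
    rec = RECORD_RE.search(comment)
    domain = rec.group("domain").lower().rstrip(".") if rec else None
    if result == "pass":
        action = "accept"
    elif result == "fail":
        action = "reject"
    elif "error while parsing" in comment and domain in PROTECTED_DOMAINS:
        # The checker never evaluated the policy, so the message is held
        # rather than passed on as if the domain had published no opinion.
        action = "quarantine"
    else:
        action = "no-decision"
    return (result, domain, action)


# Constructed sample headers modelled on the output in the report.
SAMPLES = [
    "Received-SPF: unknown (mail.example.com: domain of user@paypal.com "
    "encountered an error while parsing (check SPF record paypal.com for errors))",
    "Received-SPF: unknown (mail.example.com: domain of user@example.org "
    "encountered an error while parsing (check SPF record example.org for errors))",
    "Received-SPF: pass (mail.example.com: domain of user@example.net "
    "designates 192.0.2.10 as permitted sender)",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
```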

