Gratipay: Email Forgery through Mandrillapp SPF

ID H1:117097
Type hackerone
Reporter bugdiscloseguys
Modified 2016-03-19T19:16:58


Description :-
The SPF record of includes Mandrillapp, which you are not using right now. I'm able to add it in my account; although a further verification of the domain is required, you should know that Mandrillapp allows sending email from a domain if its SPF records point to the Mandrill server. I have attached a screenshot to prove my concept.

1 SPF record found for the domain: "v=spf1 -all"

This is useful in phishing, and this type of vulnerability is newsworthy (

Vulnerability Impact Scenario :-
Using my own Mandrill account I can send email which appears to originate from

Patch :-
The patch is pretty simple. Complete your Mandrill registration process. This will lock out other Mandrill users from sending email that originates from *

Let me know if you have any other questions. Check the screenshot. Thanks.
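The defender-side check implied by this report is to audit the SPF record for third-party includes the organisation does not actually use, since any such include delegates sending rights to every customer of that provider. The script below is an added example, not code from the report or from Gratipay; the two records are constructed, and it assumes `spf.mandrillapp.com` is the hostname Mandrill publishes for SPF includes.

```python
"""Flag SPF include/redirect targets that are not on the list of senders the
organisation has actually set up. Constructed example records; the Mandrill
include hostname is an assumption, not taken from the report."""
import re

# Weak: delegates to Mandrill even though no Mandrill account owns the domain.
WEAK_RECORD = "v=spf1 include:spf.mandrillapp.com include:_spf.google.com -all"
# Fixed: only the provider that is really in use remains.
FIXED_RECORD = "v=spf1 include:_spf.google.com -all"

# qualifier, mechanism name, optional value after ':' or '/'
MECHANISM_RE = re.compile(
    r"^([+\-~?])?(all|include|a|mx|ptr|ip4|ip6|exists)(?:[:/](.*))?$", re.I)


def parse_spf(record):
    """Split a v=spf1 TXT record into mechanisms and modifiers.
    Returns ([(qualifier, name, value), ...], {modifier: value})."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    mechanisms, modifiers = [], {}
    for term in terms[1:]:
        m = MECHANISM_RE.match(term)
        if m:
            mechanisms.append((m.group(1) or "+", m.group(2).lower(), m.group(3)))
        elif "=" in term:  # modifiers such as redirect= or exp=
            name, _, value = term.partition("=")
            modifiers[name.lower()] = value
        else:
            raise ValueError(f"unrecognised SPF term: {term}")
    return mechanisms, modifiers


def unexpected_includes(record, approved_senders):
    """Return include/redirect targets that grant sending rights (qualifier
    '+') but are not in the set of providers the organisation really uses."""
    mechanisms, modifiers = parse_spf(record)
    targets = [v for q, name, v in mechanisms if name == "include" and q == "+"]
    if "redirect" in modifiers:
        targets.append(modifiers["redirect"])
    approved = {s.lower() for s in approved_senders}
    return [t for t in targets if t.lower() not in approved]


if __name__ == "__main__":
    for label, rec in (("weak", WEAK_RECORD), ("fixed", FIXED_RECORD)):
        print(label, "->", unexpected_includes(rec, {"_spf.google.com"}))
```

Any hostname the function returns is a delegation to review: either register the domain with that provider so nobody else can claim it, as the report's patch suggests, or drop the include.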