Run a free email spoofing test.

CanIBeSpoofed: The Free Email Spoofing Tool

Scan your SPF and DMARC records to detect if they're vulnerable to email spoofing. CanIBeSpoofed uses 14 distinct checks to determine if a domain is vulnerable and what the level of exposure is.

Analyze your email supply chain with our email spoofing tool

CanIBeSpoofed - Overview

Email Spoofing Discovery

With our proprietary analysis engine, you can test and identify SPF & DMARC configurations that can facilitate email spoofing.

Email Receiver Analysis

Scan email servers to identify what spam and malware filtering technologies are in use and whether they are misconfigured.

Email Sender Analysis

Extrapolate the complete email sender supply chain of a provided domain through recursive analysis of SPF sub-domain lookups.

Email Sender Visualisation

Enhance and visualize email sender supply chains with near-exact geolocation and IP blocklisting information.

Scanning Automation

Create an account and leverage the CanIPhish API to scan domains programmatically. Or locally scan using our GitHub project.

Historic Searching

Registered users can view their searches and monitor email spoofing vulnerabilities over time with our historic search dashboard.

Deep-dive into the features of our email spoofing tool

CanIBeSpoofed - Features

Our email spoofing tool performs 14 different SPF and DMARC configuration checks to ensure that your domain is protected from email spoofing and spam.

Some of these checks include verifying that your domain has an SPF record in place, ensuring that the 'all' mechanism is set correctly, and checking for insecure DMARC policies. We also identify vulnerabilities such as non-existent sub-domain records and partial DMARC coverage. With our expert checks, you can be confident that your domain is fully protected against email attacks and will not be flagged as spam by email receivers.
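The kinds of checks described above can be run statically on the TXT record strings. The following is an added example, not CanIBeSpoofed's own code or its 14 checks: the finding names and sample records are constructed, and the `sp` (sub-domain policy) check is an assumption about what a reviewer would also want flagged.

```python
# Added example: static checks on SPF and DMARC TXT record strings.
# Finding names are constructed labels, not the tool's own check names.
ENFORCING = ("quarantine", "reject")

def parse_tags(record):
    """Split a DMARC record ('v=DMARC1; p=none; ...') into a tag dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags

def audit_spf(record):
    """Return findings for one SPF record (None = nothing published)."""
    terms = (record or "").lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["spf-missing"]
    findings = []
    all_terms = [t for t in terms[1:] if t.lstrip("+-~?") == "all"]
    if not all_terms and not any(t.startswith("redirect=") for t in terms):
        findings.append("spf-no-all")  # unmatched senders get "neutral"
    labels = {"+": "spf-pass-all", "?": "spf-neutral-all",
              "~": "spf-softfail-all"}
    for t in all_terms:
        # A bare "all" has the implicit "+" qualifier: every sender passes.
        qualifier = t[0] if t[0] in "+-~?" else "+"
        if qualifier in labels:
            findings.append(labels[qualifier])
    return findings

def audit_dmarc(record):
    """Return findings for the TXT record published at _dmarc.<domain>."""
    tags = parse_tags(record or "")
    if tags.get("v") != "dmarc1":
        return ["dmarc-missing"]
    findings = []
    if tags.get("p") not in ENFORCING:
        findings.append("dmarc-policy-none")
    # sp overrides p for sub-domains; flag only an explicit weaker value.
    if "sp" in tags and tags["sp"] not in ENFORCING:
        findings.append("dmarc-subdomain-unenforced")
    pct = tags.get("pct", "100")  # pct defaults to 100 when absent
    if not pct.isdigit() or int(pct) < 100:
        findings.append("dmarc-partial-coverage")
    return findings
```

An empty list means none of these particular weaknesses was found in the record text; it says nothing about DKIM or about how a given receiver enforces the policy.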

Improve your email security protections with the proprietary techniques that our email spoofing tool uses to identify and analyze your email gateway, spam filter, and malware filter technologies.

We can detect vulnerabilities in these filtering technologies by analyzing bounce responses. We support a comprehensive list of technologies, including Cisco IronPort, Sophos PureMessage, Sophos ESA, Trustwave SEG, Exchange Antispam Protection, Exchange Online Protection, Proofpoint SEG, FireEye MX, FireEye ETP Cloud, Forcepoint SEG, Forcepoint Cloud, Trend Micro HES, Symantec MessageLabs, Mimecast SEG, Clearswift SEG, Google Mail Protection, Yahoo Mail Protection, and Barracuda Email Security.

Improve your email security with our recursive SPF record querying service. Our email spoofing tool identifies all email sender IP addresses by querying your SPF record and all its lookups. We also collate IP ownership information, providing a reliable mechanism to see who operates your downstream mail sender infrastructure.
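Recursive SPF expansion of the kind described above can be sketched as follows. This is an added example, not the tool's code: `ZONE` is a constructed stand-in for live DNS TXT lookups, all domains and addresses are documentation values, and the result records which domain's record published each network rather than who owns the IP.

```python
# Added example: recursive SPF expansion over a constructed TXT "zone".
# ZONE replaces live DNS so the walk runs offline; every name and address
# below is a documentation value, not real sender infrastructure.
ZONE = {
    "example.com": "v=spf1 ip4:192.0.2.10 include:_spf.mailer.example "
                   "include:crm.example -all",
    "_spf.mailer.example": "v=spf1 ip4:198.51.100.0/24 "
                           "include:pool.mailer.example ~all",
    "pool.mailer.example": "v=spf1 ip6:2001:db8::/32 -all",
    "crm.example": "v=spf1 ip4:203.0.113.5 include:example.com -all",  # loop
}
LOOKUP_LIMIT = 10  # RFC 7208 section 4.6.4 cap on DNS-querying terms

def expand_spf(domain, zone, state=None, chain=()):
    """Walk include:/redirect= terms; return networks, lookup count, issues."""
    state = state or {"networks": {}, "lookups": 0, "issues": []}
    if domain in chain:
        state["issues"].append("loop:" + " > ".join(chain + (domain,)))
        return state
    record = zone.get(domain)
    if record is None:
        state["issues"].append("no-spf:" + domain)
        return state
    for term in record.split()[1:]:
        name, _, value = term.lstrip("+-~?").partition(":")
        if name in ("ip4", "ip6"):
            # Remember the first record that authorised this network.
            state["networks"].setdefault(value, domain)
        elif name == "include" or term.startswith("redirect="):
            target = value if name == "include" else term.split("=", 1)[1]
            state["lookups"] += 1
            expand_spf(target, zone, state, chain + (domain,))
        elif name.split("/")[0] in ("a", "mx", "exists", "ptr"):
            state["lookups"] += 1  # counted toward the limit, not resolved
    if not chain and state["lookups"] > LOOKUP_LIMIT:
        state["issues"].append("lookup-limit-exceeded")
    return state
```

Calling `expand_spf("example.com", ZONE)` returns every authorised network keyed to the record that introduced it, which makes third-party senders and include loops visible in one pass.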

Elevate your email security with our advanced email sender supply chain visualization capabilities. Our email spoofing tool pulls near-exact geolocation information and presents it in both a tabular format and a world map visualization.

This information helps you identify geolocation-motivated risks, enabling you to make informed decisions. For example, if you're a Federal Government Agency, it's best to avoid using email infrastructure owned by a hostile nation's ISP and operated out of that nation.

Improve your email security with our comprehensive IP-driven blocklist identifier.

Our email spoofing tool identifies IPs associated with:

  • unsolicited bulk emails, spam operations, and spam services (i.e., Low Reputation Senders);
  • snowshoe spam, which actively attempts to evade spam detection (i.e., Low Reputation Senders);
  • hijacked endpoints infected by illegal third-party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc.), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

We also identify end-user (non-MTA) addresses that are dynamically allocated to residential users (i.e., Low Reputation Senders).


What Is CanIBeSpoofed?

CanIBeSpoofed was the first tool that CanIPhish created, predating the Cloud Platform we offer today. It was built to provide businesses with not only an email spoofing tool but also a single tool to understand the entire email landscape of a given domain.

CanIBeSpoofed does this by passively analyzing DNS records and actively interrogating email infrastructure to discover weaknesses that may expose a business to unnecessary risks.

CanIBeSpoofed is freely accessible, open-sourced on GitHub, and has deep integrations into the CanIPhish Cloud Platform. If you're wondering what benefit CanIBeSpoofed provides, run a free scan and see if any issues are spotted!

Is Your Domain Vulnerable To Spoofing?

Depending on whether you have stakeholder buy-in to implement remediation activities, you can perform one of two activities.

  • Activity 1: Showcase The Spoofing Vulnerability Through A Real-World Test: In this activity, you'll replicate the steps that an attacker would take to spoof your domain as part of a demonstration. This will allow you to effectively convey the need to secure your domain's SPF & DMARC records.

    Supplemental Guidance: How To Spoof An Email Address In 5 Steps

  • Activity 2: Uplift Your SPF & DMARC Records To Ensure They're Secure: In this activity, you'll follow industry best practices to ensure your SPF & DMARC records are implemented in a secure manner that eliminates the opportunity for attackers to spoof the domain.

    Supplemental Guidance: How To Create A Secure SPF Record In 5 Steps