Circle stripe pattern
Gray dot header
Run a free email spoofing test.

CanIBeSpoofed: The Free Email Spoofing Tool

Scan your SPF and DMARC records to detect if they're vulnerable to email spoofing. CanIBeSpoofed uses 14 distinct checks to determine if a domain is vulnerable and what the level of exposure is.

Macbook Laptop Email Spoofing Tool Results Screenshot
Macbook Outline CanIPhish Cloud Platform Dashboard Snippet
Macbook Laptop CanIPhish Phishing Success Screenshot
Apple iPhone CanIPhish Phishing Success Mobile Screenshot
Analyze your email supply chain with our email spoofing tool

CanIBeSpoofed - Overview

Magnification tool

Email Spoofing Discovery

With our proprietary analysis engine, you can test and identify SPF & DMARC configurations that can facilitate email spoofing.

Document appearing out of screen

Email Receiver Analysis

Scan email servers to identify what spam and malware filtering technologies are in-use and whether they are misconfigured.

Stacked emails

Email Sender Analysis

Extrapolate the complete email sender supply chain of a provided domain through recursive analysis of SPF sub-domain lookups.

Visual report

Email Sender Visualisation

Enhance and visualize email sender supply chains with near-exact geolocation and IP blocklisting information.

Cloud storage

Scanning Automation

Create an account and leverage the CanIPhish API to scan domains programmatically. Or locally scan using our GitHub project.

Turning cog

Historic Searching

Registered users can view their searches and monitor email spoofing vulnerabilities over time with our historic search dashboard.

See our Cloud Platform See the GitHub Project
Deep-dive into the features of our email spoofing tool

CanIBeSpoofed - Features

Our email spoofing tool performs 14 different SPF and DMARC configuration checks to ensure that your domain is protected from email spoofing and spam.

Some of these checks include verifying that your domain has an SPF record in place, ensuring that the 'all' mechanism is set correctly, and checking for insecure DMARC policies. We also identify vulnerabilities such as non-existent sub-domain records and partial DMARC coverage. With our expert checks, you can be confident that your domain is fully protected against email attacks and will not be flagged as spam by email receivers.

Improve your email security protections with the proprietary techniques that our email spoofing tool uses to identify and analyze your email gateway, spam filter, and malware filter technologies.

We can detect vulnerabilities in these filtering technologies by analyzing bounce responses. We support a comprehensive list of technologies, including Cisco IronPort, Sophos PureMessage, Sophos ESA, Trustwave SEG, Exchange Antispam Protection, Exchange Online Protection, Proofpoint SEG, FireEye MX, FireEye ETP Cloud, Forcepoint SEG, Forcepoint Cloud, Trend Micro HES, Symantec MessageLabs, Mimecast SEG, Clearswift SEG, Google Mail Protection, Yahoo Mail Protection, and Barracuda Email Security.

Improve your email security with our recursive SPF record querying service. Our email spoofing tool identifies all email sender IP addresses by querying your SPF record and all its lookups. We also collate IP ownership information, providing a reliable mechanism to see who operates your downstream mail sender infrastructure.

Elevate your email security with our advanced email sender supply chain visualization capabilities. Our email spoofing tool pulls near-exact geolocation information and presents it in both a tabular format and a world map visualization.

This valuable information helps you identify geolocation motivated risks, enabling you to make informed decisions. For example, if you're a Federal Government Agency, it's best to avoid using email infrastructure owned by a hostile nation's ISP and operated out of that nation.

Improve your email security with our comprehensive IP-driven blocklist identifier.

Our email spoofing tool identifies IPs associated with unsolicited bulk emails, spam operations, and spam services (i.e., Low Reputation Senders), snowshoe spam, which actively attempts to evade spam detection (i.e., Low Reputation Senders), hijacked endpoints infected by illegal third-party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc.), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

We also identify end-user (non-MTA) addresses that are dynamically allocated to residential users (i.e., Low Reputation Senders).

What is CanIBeSpoofed?

CanIBeSpoofed was the first tool that CanIPhish created, predating the Cloud Platform we offer today. It was built to provide businesses with not only an email spoofing tool but a single tool to understand the entire email landscape of a given domain.

CanIBeSpoofed does this by passively analyzing DNS records and actively interrogating email infrastructure to discover weaknesses that may expose a business to unnecessary risks.

CanIBeSpoofed is freely accessible, open-sourced on GitHub, and has deep integrations into the CanIPhish Cloud Platform. For example, if you need to see historical search data, then this can be viewed under your account dashboard. CanIPhish additionally maintains a view of every search performed and uses this for security research on the absence of security controls at scale.

If you're wondering what benefit CanIBeSpoofed provides, run a free scan and see if any issues are spotted!