{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,24]],"date-time":"2026-02-24T02:55:17Z","timestamp":1771901717402,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,25]],"date-time":"2022-10-25T00:00:00Z","timestamp":1666656000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,25]]},"DOI":"10.1145\/3517745.3561468","type":"proceedings-article","created":{"date-parts":[[2022,10,21]],"date-time":"2022-10-21T21:28:36Z","timestamp":1666387716000},"page":"633-646","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["SPFail"],"prefix":"10.1145","author":[{"given":"Nathaniel","family":"Bennett","sequence":"first","affiliation":[{"name":"Brigham Young University"}]},{"given":"Rebekah","family":"Sowards","sequence":"additional","affiliation":[{"name":"Brigham Young University"}]},{"given":"Casey","family":"Deccio","sequence":"additional","affiliation":[{"name":"Brigham Young University"}]}],"member":"320","published-online":{"date-parts":[[2022,10,25]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Amazon. 2021. Alexa Top Sites. https:\/\/aws.amazon.com\/alexa-top-sites\/https:\/\/aws.amazon.com\/alexa-top-sites\/.  Amazon. 2021. Alexa Top Sites. https:\/\/aws.amazon.com\/alexa-top-sites\/https:\/\/aws.amazon.com\/alexa-top-sites\/."},{"key":"e_1_3_2_2_2_1","unstructured":"DB-IP. 2022. IP Geolocation API & Free Address Database. https:\/\/db-ip.com\/  DB-IP. 2022. IP Geolocation API & Free Address Database. https:\/\/db-ip.com\/"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485983.3494868"},{"key":"e_1_3_2_2_4_1","volume-title":"IMC '15 Internet Measurement Conference. Association for Computing Machinery.","author":"Durumeric Zakir","unstructured":"Zakir Durumeric , David Adrian , Ariana Mirian , James Kasten , Elie Bursztein , Nicolas Lidzborski , Kurt Thomas , Vijay Eranti , Michael Bailey , and J. Alex Halderman . 2015. Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security . In IMC '15 Internet Measurement Conference. Association for Computing Machinery. Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Elie Bursztein, Nicolas Lidzborski, Kurt Thomas, Vijay Eranti, Michael Bailey, and J. Alex Halderman. 2015. Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security. In IMC '15 Internet Measurement Conference. Association for Computing Machinery."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813607"},{"key":"e_1_3_2_2_7_1","unstructured":"Apache Software Foundation. 2022. SpamAssassin. https:\/\/spamassassin.apache.org\/  Apache Software Foundation. 2022. SpamAssassin. https:\/\/spamassassin.apache.org\/"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"crossref","unstructured":"T. Hansen D. Crocker and P. Hallam-Baker. 2009. DomainKeys Identified Mail (DKIM) Service Overview. RFC 5585. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc5585.txt  T. Hansen D. Crocker and P. Hallam-Baker. 2009. DomainKeys Identified Mail (DKIM) Service Overview. RFC 5585. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc5585.txt","DOI":"10.17487\/rfc5585"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2022.3149011"},{"key":"e_1_3_2_2_10_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Jeitner Philipp","year":"2021","unstructured":"Philipp Jeitner and Haya Shulman . 2021 . Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS . In 30th USENIX Security Symposium (USENIX Security 21) . USENIX Association, 3165--3182. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/jeitner Philipp Jeitner and Haya Shulman. 2021. Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3165--3182. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/jeitner"},{"key":"e_1_3_2_2_11_1","unstructured":"Dan Kaminsky. 2008. DNS TXT Record Parsing Bug in LibSPF2. https:\/\/dankaminsky.com\/dns-txt-record-parsing-bug-in-libspf2\/  Dan Kaminsky. 2008. DNS TXT Record Parsing Bug in LibSPF2. https:\/\/dankaminsky.com\/dns-txt-record-parsing-bug-in-libspf2\/"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"crossref","unstructured":"S. Kitterman. 2014. Sender Policy Framework (SPF) for Authorizing Use of Domains in Email Version 1. RFC 7208. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc7208.txt  S. Kitterman. 2014. Sender Policy Framework (SPF) for Authorizing Use of Domains in Email Version 1. RFC 7208. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc7208.txt","DOI":"10.17487\/rfc7208"},{"key":"e_1_3_2_2_13_1","unstructured":"J. Klensin. 2008. Simple Mail Transfer Protocol. RFC 5321. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc5321.txt  J. Klensin. 2008. Simple Mail Transfer Protocol. RFC 5321. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc5321.txt"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"crossref","unstructured":"M. Kucherawy and E. Zwicky. 2015. Domain-based Message Authentication Reporting and Conformance (DMARC). RFC 7489. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc7489.txt  M. Kucherawy and E. Zwicky. 2015. Domain-based Message Authentication Reporting and Conformance (DMARC). RFC 7489. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc7489.txt","DOI":"10.17487\/rfc7489"},{"key":"e_1_3_2_2_15_1","unstructured":"P. Mockapetris. 1987. Domain Names - Concepts and Facilities. RFC 1034. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc1034.txt  P. Mockapetris. 1987. Domain Names - Concepts and Facilities. RFC 1034. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc1034.txt"},{"key":"e_1_3_2_2_16_1","unstructured":"P. Mockapetris. 1987. Domain Names - Implementation and Specification. RFC 1035. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc1035.txt  P. Mockapetris. 1987. Domain Names - Implementation and Specification. RFC 1035. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc1035.txt"},{"key":"e_1_3_2_2_17_1","unstructured":"Naver. 2022. Naver. https:\/\/www.naver.com\/  Naver. 2022. Naver. https:\/\/www.naver.com\/"},{"key":"e_1_3_2_2_18_1","unstructured":"NetBlocks. 2022. Ukraine banking and defense platforms knocked out amid heightened tensions with Russia. https:\/\/netblocks.org\/reports\/ukraine-banking-and-defence-platforms-knocked-out-russia-conflict-JBQX7mAo  NetBlocks. 2022. Ukraine banking and defense platforms knocked out amid heightened tensions with Russia. https:\/\/netblocks.org\/reports\/ukraine-banking-and-defence-platforms-knocked-out-russia-conflict-JBQX7mAo"},{"key":"e_1_3_2_2_19_1","unstructured":"International Standards Organization. 2018. ISO\/IEC 9899:2018: Information technology - Programming languages - C. https:\/\/www.iso.org\/standard\/74528.html  International Standards Organization. 2018. ISO\/IEC 9899:2018: Information technology - Programming languages - C. https:\/\/www.iso.org\/standard\/74528.html"},{"key":"e_1_3_2_2_20_1","unstructured":"Wirtualna Polska. 2022. Statistics. https:\/\/holding.wp.pl\/en\/statistics  Wirtualna Polska. 2022. Statistics. https:\/\/holding.wp.pl\/en\/statistics"},{"key":"e_1_3_2_2_21_1","unstructured":"Wirtualna Polska. 2022. Wirtualna Polska - Wszystko co wa\u017cne - www.wp.pl. https:\/\/www.wp.pl\/  Wirtualna Polska. 2022. Wirtualna Polska - Wszystko co wa\u017cne - www.wp.pl. https:\/\/www.wp.pl\/"},{"key":"e_1_3_2_2_22_1","volume-title":"12th USENIX Security Symposium (USENIX Security 03)","author":"Rescorla Eric","year":"2003","unstructured":"Eric Rescorla . 2003 . Security Holes . . . Who Cares? . In 12th USENIX Security Symposium (USENIX Security 03) . USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/12th-usenix-security-symposium\/security-holes-who-cares Eric Rescorla. 2003. Security Holes . . . Who Cares?. In 12th USENIX Security Symposium (USENIX Security 03). USENIX Association, Washington, D.C. https:\/\/www.usenix.org\/conference\/12th-usenix-security-symposium\/security-holes-who-cares"},{"key":"e_1_3_2_2_23_1","volume-title":"Passive and Active Measurement","author":"Scheffler Sarah","unstructured":"Sarah Scheffler , Sean Smith , Yossi Gilad , and Sharon Goldberg . 2018. The Unintended Consequences of Email Spam Prevention . In Passive and Active Measurement . Springer International Publishing . Sarah Scheffler, Sean Smith, Yossi Gilad, and Sharon Goldberg. 2018. The Unintended Consequences of Email Spam Prevention. In Passive and Active Measurement. Springer International Publishing."},{"key":"e_1_3_2_2_24_1","unstructured":"Seznam. 2022. About us - About Seznam. https:\/\/o.seznam.cz\/en\/about-us\/  Seznam. 2022. About us - About Seznam. https:\/\/o.seznam.cz\/en\/about-us\/"},{"key":"e_1_3_2_2_25_1","unstructured":"Seznam. 2022. Seznam - najdu tam co nezn\u00e1m. https:\/\/www.seznam.cz\/  Seznam. 2022. Seznam - najdu tam co nezn\u00e1m. https:\/\/www.seznam.cz\/"},{"key":"e_1_3_2_2_26_1","volume-title":"Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Shen Kaiwen","year":"2021","unstructured":"Kaiwen Shen , Chuhan Wang , Minglei Guo , Xiaofeng Zheng , Chaoyi Lu , Baojun Liu , Yuxuan Zhao , Shuang Hao , Haixin Duan , Qingfeng Pan , and Min Yang . 2021 . Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks. In 30th USENIX Security Symposium (USENIX Security 21) . USENIX Association, 3201--3217. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/shen-kaiwen Kaiwen Shen, Chuhan Wang, Minglei Guo, Xiaofeng Zheng, Chaoyi Lu, Baojun Liu, Yuxuan Zhao, Shuang Hao, Haixin Duan, Qingfeng Pan, and Min Yang. 2021. Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3201--3217. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/shen-kaiwen"},{"key":"e_1_3_2_2_27_1","unstructured":"Shevek. 2008. import libspf2 1.2.5. https:\/\/github.com\/shevek\/libspf2\/commit\/9928ce57b334c2914ccf4def8a8da61b138e4b70  Shevek. 2008. import libspf2 1.2.5. https:\/\/github.com\/shevek\/libspf2\/commit\/9928ce57b334c2914ccf4def8a8da61b138e4b70"},{"key":"e_1_3_2_2_28_1","unstructured":"Shevek. 2008. start on length computation in spf_expand. https:\/\/github.com\/shevek\/libspf2\/commit\/496322ef486935e1cd52af3c09a26300cb465869  Shevek. 2008. start on length computation in spf_expand. https:\/\/github.com\/shevek\/libspf2\/commit\/496322ef486935e1cd52af3c09a26300cb465869"},{"key":"e_1_3_2_2_29_1","unstructured":"Vsevolod Stakhov. 2022. Rspamd. https:\/\/www.rspamd.com\/  Vsevolod Stakhov. 2022. Rspamd. https:\/\/www.rspamd.com\/"},{"key":"e_1_3_2_2_30_1","volume-title":"Network and Distributed Systems Security (NDSS) Symposium","author":"Stock B.","year":"2018","unstructured":"B. Stock , G. Pellegrino , F. Li , M. Backes , and C. Rossow . 2018. Didn't You Hear Me? --- Towards More Successful Web Vulnerability Notifications . Network and Distributed Systems Security (NDSS) Symposium ( 2018 ). B. Stock, G. Pellegrino, F. Li, M. Backes, and C. Rossow. 2018. Didn't You Hear Me? --- Towards More Successful Web Vulnerability Notifications. Network and Distributed Systems Security (NDSS) Symposium (2018)."},{"key":"e_1_3_2_2_31_1","unstructured":"Inc. Synopsys. 2022. About Coverity. https:\/\/web.archive.org\/web\/20220316081445\/https:\/\/scan.coverity.com\/about  Inc. Synopsys. 2022. About Coverity. https:\/\/web.archive.org\/web\/20220316081445\/https:\/\/scan.coverity.com\/about"},{"key":"e_1_3_2_2_32_1","unstructured":"VK. 2022. VK \/ Main. https:\/\/vk.company\/  VK. 2022. VK \/ Main. https:\/\/vk.company\/"},{"key":"e_1_3_2_2_33_1","unstructured":"VK. 2022. VK \/ What is VK. https:\/\/vk.company\/en\/company\/about\/  VK. 2022. VK \/ What is VK. https:\/\/vk.company\/en\/company\/about\/"},{"key":"e_1_3_2_2_34_1","unstructured":"Wikipedia. 2022. Naver. https:\/\/en.wikipedia.org\/wiki\/Naver  Wikipedia. 2022. Naver. https:\/\/en.wikipedia.org\/wiki\/Naver"}],"event":{"name":"IMC '22: ACM Internet Measurement Conference","location":"Nice France","acronym":"IMC '22","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication","USENIX Assoc USENIX Assoc"]},"container-title":["Proceedings of the 22nd ACM Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3517745.3561468","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3517745.3561468","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:17Z","timestamp":1750182557000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3517745.3561468"}},"subtitle":["discovering, measuring, and remediating vulnerabilities in email sender validation"],"short-title":[],"issued":{"date-parts":[[2022,10,25]]},"references-count":34,"alternative-id":["10.1145\/3517745.3561468","10.1145\/3517745"],"URL":"https:\/\/doi.org\/10.1145\/3517745.3561468","relation":{},"subject":[],"published":{"date-parts":[[2022,10,25]]},"assertion":[{"value":"2022-10-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}