TR-92 - Unused Domain Names and the Risks of Missing DNS SPF Records www.circl.lu/pub/tr-92…

Many organizations maintain a broad portfolio of domain names, acquired for branding, strategic planning, or defensive purposes. However, a significant portion of these domains often remains unused or lacks proper DNS configurations, leaving them vulnerable to exploitation. One particularly critical oversight is the absence of DNS SPF (Sender Policy Framework) TXT records, which are essential to controlling the sources from which emails for a domain can be legitimately sent. This document highlights the risks associated with improperly configured domains and provides actionable recommendations to mitigate such vulnerabilities.