Skip to content

EmailSecCheck is a lightweight Python utility used to check for common SPF/DMARC misconfigurations that may allow for email spoofing.

Notifications You must be signed in to change notification settings

MarkoH17/EmailSecCheck

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 

Repository files navigation

What is EmailSecCheck?

EmailSecCheck is a lightweight Python utility that checks whether email security DNS records (DMARC and SPF) are configured properly for a domain. EmailSecCheck is powered by checkdmarc, and leverages it to identify common misconfigurations in DNS records that may enable for email spoofing.

Email spoofing is identified under the following conditions:

  • SPF Issues
    • SPF configured as something other than fail or softfail
    • SPF record is missing
    • SPF record contains a syntax error
  • DMARC Issues
    • Multiple SPF records exist
    • DMARC record is missing
    • DMARC record contains a syntax error
    • Multiple DMARC records exist

Getting Started

Grab the latest release and install the package requirements by running pip3 install -r requirements.txt. EmailSecCheck was developed for Python 3.

Checking DNS Records for a Single Domain

python3 emailseccheck.py --domain <domain_here>

Checking DNS Records for Several Domains

python3 emailseccheck.py --domains_file <path_to_file_here>

Example

image

About

EmailSecCheck is a lightweight Python utility used to check for common SPF/DMARC misconfigurations that may allow for email spoofing.

Topics

Resources

Stars

Watchers

Forks

Languages