EmailSecCheck is a lightweight Python utility that checks whether email security DNS records (DMARC and SPF) are configured properly for a domain. EmailSecCheck is powered by checkdmarc, and leverages it to identify common misconfigurations in DNS records that may enable for email spoofing.
Email spoofing is identified under the following conditions:
- SPF Issues
- SPF configured as something other than
failorsoftfail - SPF record is missing
- SPF record contains a syntax error
- SPF configured as something other than
- DMARC Issues
- Multiple SPF records exist
- DMARC record is missing
- DMARC record contains a syntax error
- Multiple DMARC records exist
Grab the latest release and install the package requirements by running pip3 install -r requirements.txt. EmailSecCheck was developed for Python 3.
python3 emailseccheck.py --domain <domain_here>
python3 emailseccheck.py --domains_file <path_to_file_here>
