EmailSecCheck is a lightweight Python utility that checks whether email security DNS records (DMARC and SPF) are configured properly for a domain. EmailSecCheck is powered by checkdmarc, and leverages it to identify common misconfigurations in DNS records that may enable for email spoofing.
Email spoofing is identified under the following conditions:
fail
or softfail
git clone https://github.com/MarkoH17/EmailSecCheck.git
python3 -m pip install -r requirements.txt
emailseccheck.py [-h] (--domain DOMAIN | --domains_file DOMAINS_FILE)
options:
-h, --help show this help message and exit
--domain DOMAIN Domain to check for SPF/DMARC issues (default: None)
--domains_file DOMAINS_FILE
File containing list of domains to check for SPF/DMARC issues (default: None)
$ python3 emailseccheck.py --domain offsec.nl
[+] INFO: Analyzing 1 domain(s)...
[+] INFO: Analyzing offsec.nl
[-] WARN: DMARC record is missing for 'offsec.nl'
Spoofing possible for 1 domain(s):
> offsec.nl