EmailSecCheck is a lightweight Python utility that checks whether email security DNS records (DMARC and SPF) are configured properly for a domain. EmailSecCheck is powered by checkdmarc, and leverages it to identify common misconfigurations in DNS records that may enable for email spoofing.
Email spoofing is identified under the following conditions:
git clone https://github.com/MarkoH17/EmailSecCheck.git python3 -m pip install -r requirements.txt
emailseccheck.py [-h] (--domain DOMAIN | --domains_file DOMAINS_FILE)
options: -h, --help show this help message and exit --domain DOMAIN Domain to check for SPF/DMARC issues (default: None) --domains_file DOMAINS_FILE File containing list of domains to check for SPF/DMARC issues (default: None)
$ python3 emailseccheck.py --domain offsec.nl [+] INFO: Analyzing 1 domain(s)... [+] INFO: Analyzing offsec.nl [-] WARN: DMARC record is missing for 'offsec.nl' Spoofing possible for 1 domain(s): > offsec.nl