Files
T

1.5 KiB

name, description, domain, subdomain, tags, version, author, license
name description domain subdomain tags version author license
implementing-email-security-with-dmarc-dkim-spf Audit and validate email authentication configurations by checking SPF, DKIM, and DMARC DNS records for a domain. Uses dnspython to query TXT records, validates SPF syntax and lookup counts, verifies DKIM selector records, parses DMARC policies, and identifies misconfigurations that enable email spoofing. Generates remediation recommendations. cybersecurity security-operations
implementing
email
security
with
1.0 mahipal MIT

Instructions

  1. Install dependencies: pip install dnspython checkdmarc
  2. Provide target domain(s) to audit.
  3. Run the agent to check email security:
    • Query and validate SPF records (syntax, mechanism count, includes, redirect)
    • Check DKIM records for common selectors (google, default, selector1, selector2)
    • Parse DMARC records (policy, subdomain policy, reporting URIs, alignment)
    • Identify misconfigurations enabling spoofing
    • Generate remediation recommendations
python scripts/agent.py --domain example.com --output email_security_report.json

Examples

Email Security Audit Result

Domain: example.com
SPF: v=spf1 include:_spf.google.com ~all (WARN: softfail allows spoofing)
DKIM: selector1 OK, selector2 OK
DMARC: v=DMARC1; p=none; rua=mailto:dmarc@example.com (WARN: policy=none, no enforcement)
Risk: HIGH - p=none with ~all allows email spoofing