mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-17 05:05:16 +03:00
42 lines
1.5 KiB
Markdown
42 lines
1.5 KiB
Markdown
---
|
|
name: implementing-email-security-with-dmarc-dkim-spf
|
|
description: >-
|
|
Audit and validate email authentication configurations by checking SPF, DKIM,
|
|
and DMARC DNS records for a domain. Uses dnspython to query TXT records,
|
|
validates SPF syntax and lookup counts, verifies DKIM selector records,
|
|
parses DMARC policies, and identifies misconfigurations that enable email
|
|
spoofing. Generates remediation recommendations.
|
|
domain: cybersecurity
|
|
subdomain: security-operations
|
|
tags: [implementing, email, security, with]
|
|
version: "1.0"
|
|
author: mahipal
|
|
license: MIT
|
|
---
|
|
|
|
## Instructions
|
|
|
|
1. Install dependencies: `pip install dnspython checkdmarc`
|
|
2. Provide target domain(s) to audit.
|
|
3. Run the agent to check email security:
|
|
- Query and validate SPF records (syntax, mechanism count, includes, redirect)
|
|
- Check DKIM records for common selectors (google, default, selector1, selector2)
|
|
- Parse DMARC records (policy, subdomain policy, reporting URIs, alignment)
|
|
- Identify misconfigurations enabling spoofing
|
|
- Generate remediation recommendations
|
|
|
|
```bash
|
|
python scripts/agent.py --domain example.com --output email_security_report.json
|
|
```
|
|
|
|
## Examples
|
|
|
|
### Email Security Audit Result
|
|
```
|
|
Domain: example.com
|
|
SPF: v=spf1 include:_spf.google.com ~all (WARN: softfail allows spoofing)
|
|
DKIM: selector1 OK, selector2 OK
|
|
DMARC: v=DMARC1; p=none; rua=mailto:dmarc@example.com (WARN: policy=none, no enforcement)
|
|
Risk: HIGH - p=none with ~all allows email spoofing
|
|
```
|