A Python module and command line parser for SPF and DMARC records
Project description
checkdmarc
A Python module and command line utility for validating SPF and DMARC DNS records
usage: checkdmarc [-h] [-p] [--ns NS [NS ...]] [--mx MX [MX ...]] [-d]
[-f FORMAT] [-o OUTPUT [OUTPUT ...]]
[-n NAMESERVER [NAMESERVER ...]] [-t TIMEOUT] [-v]
[-w WAIT] [--skip-tls] [--debug]
domain [domain ...]
Validates and parses SPF amd DMARC DNS records
positional arguments:
domain one or more domains, or a single path to a file
containing a list of domains
optional arguments:
-h, --help show this help message and exit
-p, --parked indicate that the domains are parked
--ns NS [NS ...] approved nameserver substrings
--mx MX [MX ...] approved MX hostname substrings
-d, --descriptions include descriptions of DMARC tags in the JSON output
-f FORMAT, --format FORMAT
specify JSON or CSV screen output format
-o OUTPUT [OUTPUT ...], --output OUTPUT [OUTPUT ...]
one or more file paths to output to (must end in .json
or .csv) (silences screen output)
-n NAMESERVER [NAMESERVER ...], --nameserver NAMESERVER [NAMESERVER ...]
nameservers to query (Default is Cloudflare's
-t TIMEOUT, --timeout TIMEOUT
number of seconds to wait for an answer from DNS
(default 2.0)
-v, --version show program's version number and exit
-w WAIT, --wait WAIT number of seconds to wait between checking domains
(default 0.0)
--skip-tls skip TLS/SSL testing
--debug enable debugging output
Warning
It is strongly recommended to not use the --nameserver/-n setting. By default, checkdmarc uses Cloudflare’s public resolvers, which are much faster and more reliable than Google, Cisco OpenDNS, or even most local resolvers.
The --nameservers/-n option should only be used if your network blocks DNS requests to outside resolvers.
$ checkdmarc fbi.gov
{ "domain": "fbi.gov", "base_domain": "fbi.gov", "dnssec": true, "ns": { "hostnames": [ "a1.fbi.gov", "a2.fbi.gov", "a3.fbi.gov" ], "warnings": [] }, "mx": { "hosts": [ { "preference": 10, "hostname": "mx-east.fbi.gov", "addresses": [ "153.31.160.5" ], "tls": true, "starttls": true } ], "warnings": [] }, "spf": { "record": "v=spf1 +mx ip4:153.31.0.0/16 -all", "valid": true, "dns_lookups": 1, "warnings": [], "parsed": { "pass": [ { "value": "mx-east.fbi.gov", "mechanism": "mx" }, { "value": "153.31.0.0/16", "mechanism": "ip4" } ], "neutral": [], "softfail": [], "fail": [], "include": [], "redirect": null, "exp": null, "all": "fail" } }, "dmarc": { "record": "v=DMARC1; p=reject; rua=mailto:dmarc-feedback@fbi.gov,mailto:reports@dmarc.cyber.dhs.gov; ruf=mailto:dmarc-feedback@fbi.gov; pct=100", "valid": true, "location": "fbi.gov", "warnings": [], "tags": { "v": { "value": "DMARC1", "explicit": true }, "p": { "value": "reject", "explicit": true }, "rua": { "value": [ { "scheme": "mailto", "address": "dmarc-feedback@fbi.gov", "size_limit": null }, { "scheme": "mailto", "address": "reports@dmarc.cyber.dhs.gov", "size_limit": null } ], "explicit": true }, "ruf": { "value": [ { "scheme": "mailto", "address": "dmarc-feedback@fbi.gov", "size_limit": null } ], "explicit": true }, "pct": { "value": 100, "explicit": true }, "adkim": { "value": "r", "explicit": false }, "aspf": { "value": "r", "explicit": false }, "fo": { "value": [ "0" ], "explicit": false }, "rf": { "value": [ "afrf" ], "explicit": false }, "ri": { "value": 86400, "explicit": false }, "sp": { "value": "reject", "explicit": false } } } }
Installation
checkdmarc requires Python 3.
On Debian or Ubuntu systems, run:
$ sudo apt-get install python3-pip
Python 3 installers for Windows and macOS can be found at https://www.python.org/downloads/
To install or upgrade to the latest stable release of checkdmarc on macOS or Linux, run
$ sudo -H pip3 install -U checkdmarc
Or, install the latest development release directly from GitHub:
$ sudo -H pip3 install -U git+https://github.com/domainaware/checkdmarc.git
Note
On Windows, pip3 is pip, even with Python 3. So on Windows, simply substitute pip as an administrator in place of sudo pip3, in the above commands.
Documentation
Bug reports
Please report bugs on the GitHub issue tracker
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size | File type | Python version | Upload date | Hashes |
|---|---|---|---|---|
| Filename, size checkdmarc-4.2.4-py3-none-any.whl (26.4 kB) | File type Wheel | Python version py3 | Upload date | Hashes View |
| Filename, size checkdmarc-4.2.4.tar.gz (23.3 kB) | File type Source | Python version None | Upload date | Hashes View |
Hashes for checkdmarc-4.2.4-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 887dc1af4208502f0a592dc50e5c47037148239398c2af0548c5439c41331302 |
|
| MD5 | 336494d46f48c9833ed5ae7363ae9ad6 |
|
| BLAKE2-256 | c92797eeac77d976a0ecf129da48f12b8cd2d687e09b930c926802b2e3eb42e0 |
