Simple script that checks a domain for email protections
A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing.
Additionally it will alert if the domain has DMARC configuration that sends mail or HTTP requests on failed SPF/DKIM emails.
Usage:
./spoofcheck.py [DOMAIN]
Domains are spoofable if any of the following conditions are met:
~all
or -all
p=none
or is nonexistentdnspython
colorama
emailprotectionslib
tldextract
Run pip install -r requirements.txt
from the command line to install the required dependencies.