code Предпросмотр кода

Python

#!/usr/bin/env python3
"""
DMARC Record Checker - Email Policy Validator
Validates DMARC policies for email authentication
"""
import dns.resolver
import re

def check_dmarc_record(domain):
    """Check DMARC record for a domain"""
    try:
        dmarc_domain = f'_dmarc.{domain}'
        txt_records = dns.resolver.resolve(dmarc_domain, 'TXT')

        for record in txt_records:
            txt = ''.join([s.decode() if isinstance(s, bytes)
                          else s for s in record.strings])
            if txt.startswith('v=DMARC1'):
                # Parse DMARC record
                policy = re.search(r'p=([^;]+)', txt)
                sp = re.search(r'sp=([^;]+)', txt)
                pct = re.search(r'pct=([^;]+)', txt)
                rua = re.search(r'rua=([^;]+)', txt)
                ruf = re.search(r'ruf=([^;]+)', txt)

                return {
                    'domain': domain,
                    'status': 'VALID',
                    'dmarc_record': txt,
                    'policy': policy.group(1) if policy else 'none',
                    'subdomain_policy': sp.group(1) if sp else None,
                    'percentage': pct.group(1) if pct else '100',
                    'aggregate_reports': rua.group(1) if rua else None,
                    'forensic_reports': ruf.group(1) if ruf else None
                }

        return {'domain': domain, 'status': 'MISSING',
                'error': 'No DMARC record found'}
    except dns.resolver.NXDOMAIN:
        return {'domain': domain, 'status': 'MISSING',
                'error': 'DMARC record not found'}
    except Exception as e:
        return {'domain': domain, 'status': 'ERROR',
                'error': str(e)}

if __name__ == '__main__':
    domain = input('Enter domain: ')
    result = check_dmarc_record(domain)
    print(f"Domain: {result['domain']}")
    print(f"Status: {result['status']}")
    if 'policy' in result:
        print(f"Policy: {result['policy']}")
        print(f"Percentage: {result['percentage']}%")

info Об инструменте

The DMARC Record Checker validates Domain-based Message Authentication policies. DMARC builds on SPF and DKIM to tell receiving servers how to handle emails that fail authentication.

Ключевые особенности

DMARC Record Lookup - Retrieves DMARC policies from DNS
Policy Analysis - Checks p= (policy) and sp= (subdomain policy) values
Report Validation - Verifies rua and ruf report addresses
Alignment Check - Validates SPF and DKIM alignment settings
Recommendation Engine - Suggests policy improvements

Описание политик DMARC

p=none - Monitor only, don't take action (good for testing)
p=quarantine - Send failing emails to spam folder
p=reject - Block failing emails entirely (strongest protection)

Почему DMARC важен

Protects your domain from email spoofing
Prevents phishing attacks using your brand
Provides visibility via aggregate reports
Improves deliverability with major providers

Требования

Python 3.7+
dnspython library (pip install dnspython)

Recommendation: Start with p=none to monitor, then gradually move to p=quarantine and finally p=reject as you verify legitimate email sources.

download Скачать скрипт

Нужна полная автоматизация?

Попробуйте Postigo для автоматизированных email-кампаний с AI-персонализацией

rocket_launch Start Free Trial