Version

mxcheck is an info scanner for e-mail servers.

It checks

DNS records: A, MX, PTR, SPF, MTA-STS, DKIM, DMARC
AS Number and AS Country
the support of StartTLS and the certificate
open ports: 25, 465, 587
if the service is listed by blacklists
if it leaks information by server string and VRFY command
and if the server is an open relay

You can set mailFrom, mailTo, the DNS server, DKIM selector and output a report in tsv format.

-b, --blacklist          Check if the service is on blacklists
-d, --dnsserver string   The dns server to be requested (default "8.8.8.8")
-f, --mailfrom string    Set the mailFrom address (default "[email protected]")
-t, --mailto string      Set the mailTo address (default "[email protected]")
-n, --no-prompt          Answer yes to all questions
-s, --service string     The service host to check (mandatory flag)
-S, --dkim-selector      The DKIM selector. If set a dkim check is performed on the provided service domain
-v, --version            Version and license
-u, --updatecheck        Check if a new version of mxcheck is available
-w, --write-tsv          Write tsv formated report to file

Version

v1.6.1

Installation

go install github.com/steffenfritz/mxcheck@latest

or

download a pre-compiled binary.

Usage Example

./mxcheck -s 2600.com
./mxcheck -s 2600.com -v
./mxcheck -s 2600.com -d 8.8.8.8
./mxcheck -s 2600.com -n -f [email protected] -t [email protected] -w -S default
./mxcheck -s 2600.com -n -f [email protected] -t [email protected] -w -S default -b

Check for authentication

There is no check whether the server needs authentication. However, you can do two runs:

The first one uses a from and to address outside the mail server's scope, e.g.:

./mxcheck -s example.com -f [email protected] -t [email protected]

The second one uses a from and a to address from the mail server's scope, e.g.:

./mxcheck -s example.com -f [email protected] -t [email protected]

If the first one returns Server is not an open relay and the second one returns Server is probably an open relay the server is not an open relay, but you can send mails from local to local addresses without authentication.

Documentation and contact

mxcheck has a man page :)

Furthermore, you can find a documentation and contact information here: https://mxcheck.fritz.wtf

The logo was created by Alex/Lignum5. Thanks, mate :)

Name		Name	Last commit message	Last commit date
Latest commit History 198 Commits
.github		.github
.idea		.idea
resources		resources
vendor		vendor
.gitignore		.gitignore
AUTHORS.rst		AUTHORS.rst
CHANGELOG		CHANGELOG
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
SECURITY.md		SECURITY.md
asn.go		asn.go
asn_test.go		asn_test.go
blacklists.go		blacklists.go
checkversion.go		checkversion.go
checkversion_test.go		checkversion_test.go
connect.go		connect.go
connect_test.go		connect_test.go
dkim.go		dkim.go
dmarc.go		dmarc.go
dns.go		dns.go
dns_test.go		dns_test.go
go.mod		go.mod
go.sum		go.sum
main.go		main.go
mtasts.go		mtasts.go
mxcheck.1		mxcheck.1
openrelay.go		openrelay.go
openrelay_test.go.GH_DISABLED		openrelay_test.go.GH_DISABLED
output.go		output.go
output_test.go		output_test.go
tlscheck.go		tlscheck.go
tlscheck_test.go.GH_DISABLED		tlscheck_test.go.GH_DISABLED
versionmsg.go		versionmsg.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Version

Installation

Usage Example

Check for authentication

Documentation and contact

About

Releases 21

Sponsor this project

Packages

Contributors 2

Languages

License

steffenfritz/mxcheck

Folders and files

Latest commit

History

Repository files navigation

Version

Installation

Usage Example

Check for authentication

Documentation and contact

About

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Releases 21

Sponsor this project

Packages 0

Contributors 2

Languages

Packages