A simple Python tool to analyze email security configuration for any domain — one at a time or in bulk across a list of domains.
- SPF - Sender Policy Framework
- DMARC - Domain-based Message Authentication, Reporting & Conformance
- DKIM - DomainKeys Identified Mail
- MX - Mail Exchange records
- MTA-STS - Mail Transfer Agent Strict Transport Security
- TLS-RPT - TLS Reporting
- BIMI - Brand Indicators for Message Identification
# Install dnspython directly
pip3 install dnspython
# Or create a venv first
python3 -m venv .mailscanvenv
source .mailscanvenv/bin/activate
pip3 install dnspython# Risk analysis (default)
python3 mailscan.py example.com
# DNS records only
python3 mailscan.py example.com --records
# Both risk analysis and records
python3 mailscan.py example.com --bothPass a file containing one domain per line with -f. Lines starting with # are treated as comments and ignored.
# domains.txt
example.com
test.com
# this line is ignored
another.com# Findings grouped by issue (default)
python3 mailscan.py -f domains.txt
# DNS records for each domain
python3 mailscan.py -f domains.txt --records
# Grouped findings + per-domain records
python3 mailscan.py -f domains.txt --bothBulk mode scans all domains concurrently and groups findings by issue rather than by domain, so you can immediately see which problems are widespread and which are isolated. A domain risk score summary is printed at the end, ranked highest to lowest.
- Python 3.6+
- dnspython