A command-line tool written in Go (Golang) - inspired on the project Spoofy - for analyzing the vulnerability of domain names to email spoofing attacks and suggesting changes for mitigation.
[+] Accepts either a single domain name or a path to a list of domain names.
[+] Checks if the entry corresponds to a organizational domain or a subdomain.
[+] Gets SOA, NS and MX records.
[+] Attempts to locate DKIM (DomainKeys Identified Mail) record using the 100 most common selectors.
[+] Checks if there is a BIMI (Brand Indicators for Message Identification) record.
[+] Checks if the server uses a Catch-All configuration (for user enumeration prevention).
[+] Checks the existence and compliance of the SPF (Sender Policy Framework) record.
[+] Checks the existence and compliance of the DMARC (Domain-based Message Authentication, Reporting, and Conformance) record.
[+] Indicates whether the domain is vulnerable to email spoofing attacks and specifies the level of vulnerability*.
[+] Provides solutions to address and resolve the identified vulnerabilities*.
[+] Generates a CSV file with the results.
** The tool makes its conclusions according to what is found in ULTIMATE_TABLE.
-
Install Golang https://go.dev/doc/install (v1.23.1 at least)
-
git clone https://github.com/v1sc0/stopemailspoofing.git cd stopemailspoofing/ go build
./stopemailspoofing
