spf和dmarc记录的python模块和命令行解析器
checkdmarc的Python项目详细描述
检查电弧
用于验证SPF和DMARC DNS记录的Python模块和命令行实用程序
usage: checkdmarc [-h] [-p] [--ns NS [NS ...]] [--mx MX [MX ...]] [-d] [-f FORMAT] [-o OUTPUT [OUTPUT ...]] [-n NAMESERVER [NAMESERVER ...]] [-t TIMEOUT] [-v] [-w WAIT] [--skip-tls] [--debug] domain [domain ...] Validates and parses SPF amd DMARC DNS records positional arguments: domain one or more domains, or a single path to a file containing a list of domains optional arguments: -h, --help show this help message and exit -p, --parked indicate that the domains are parked --ns NS [NS ...] approved nameserver substrings --mx MX [MX ...] approved MX hostname substrings -d, --descriptions include descriptions of DMARC tags in the JSON output -f FORMAT, --format FORMAT specify JSON or CSV screen output format -o OUTPUT [OUTPUT ...], --output OUTPUT [OUTPUT ...] one or more file paths to output to (must end in .json or .csv) (silences screen output) -n NAMESERVER [NAMESERVER ...], --nameserver NAMESERVER [NAMESERVER ...] nameservers to query (Default is Cloudflare's -t TIMEOUT, --timeout TIMEOUT number of seconds to wait for an answer from DNS (default 2.0) -v, --version show program's version number and exit -w WAIT, --wait WAIT number of seconds to wait between checking domains (default 0.0) --skip-tls skip TLS/SSL testing --debug enable debugging output
警告
强烈建议不要使用--nameserver/-n设置。 默认情况下,checkdmarc使用Cloudflare’s public resolvers, 比google,cisco opendns,或 即使是大多数本地解析器。
只有在网络阻止dns时,才应使用--nameservers/-n选项 请求外部解决程序。
$ checkdmarc fbi.gov
{"domain":"fbi.gov","base_domain":"fbi.gov","dnssec":true,"ns":{"hostnames":["a1.fbi.gov","a2.fbi.gov","a3.fbi.gov"],"warnings":[]},"mx":{"hosts":[{"preference":10,"hostname":"mx-east.fbi.gov","addresses":["153.31.160.5"],"tls":true,"starttls":true}],"warnings":[]},"spf":{"record":"v=spf1 +mx ip4:153.31.0.0/16 -all","valid":true,"dns_lookups":1,"warnings":[],"parsed":{"pass":[{"value":"mx-east.fbi.gov","mechanism":"mx"},{"value":"153.31.0.0/16","mechanism":"ip4"}],"neutral":[],"softfail":[],"fail":[],"include":[],"redirect":null,"exp":null,"all":"fail"}},"dmarc":{"record":"v=DMARC1; p=reject; rua=mailto:dmarc-feedback@fbi.gov,mailto:reports@dmarc.cyber.dhs.gov; ruf=mailto:dmarc-feedback@fbi.gov; pct=100","valid":true,"location":"fbi.gov","warnings":[],"tags":{"v":{"value":"DMARC1","explicit":true},"p":{"value":"reject","explicit":true},"rua":{"value":[{"scheme":"mailto","address":"dmarc-feedback@fbi.gov","size_limit":null},{"scheme":"mailto","address":"reports@dmarc.cyber.dhs.gov","size_limit":null}],"explicit":true},"ruf":{"value":[{"scheme":"mailto","address":"dmarc-feedback@fbi.gov","size_limit":null}],"explicit":true},"pct":{"value":100,"explicit":true},"adkim":{"value":"r","explicit":false},"aspf":{"value":"r","explicit":false},"fo":{"value":["0"],"explicit":false},"rf":{"value":["afrf"],"explicit":false},"ri":{"value":86400,"explicit":false},"sp":{"value":"reject","explicit":false}}}}
安装
checkdmarc需要python 3。
在debian或ubuntu系统上,运行:
$ sudo apt-get install python3-pip
python 3 windows和macos安装程序可以在https://www.python.org/downloads/
要在MacOS或Linux上安装或升级到最新稳定版本checkdmarc,请运行
$ sudo -H pip3 install -U checkdmarc
或者,直接从github安装最新的开发版本:
$ sudo -H pip3 install -U git+https://github.com/domainaware/checkdmarc.git
注意
在windows上,pip3是pip,即使使用python 3也是如此。所以在windows上,简单地说 用pip代替上述命令中的sudo pip3作为管理员。