Logo

Docs

mxcheck examples

mxcheck is a command line tool. Therefore all examples are using your local terminal.

Quickstart

A minimal run just needs the -s flag. The flag provides the service that is going to be checked.

mxcheck queries all MX entries and then gathers more DNS information. After that it starts a port scan, reads the server flag, compares hostname to PTR entry, StartTLS and the validity of certificates. It also checks if the server leaks information by supporting the VRFY command. After that it checks if the mail server is an open relay by trying to send an e-mail without authentication.

tl;dr:

mxcheck -s example.com

The result looks like this. Depending on your terminal emulator, the findings will be red or green marked:

INFO:  2023/03/01 13:52:47 Checking: example.com
INFO:  2023/03/01 13:52:47 Found MX:
INFO:  2023/03/01 13:52:47          mx01.example.com.
INFO:  2023/03/01 13:52:47 Continue [y/n]: y
INFO:  2023/03/01 13:52:51 Checking for A record
INFO:  2023/03/01 13:52:51 IP address MX: 166.255.256.162
INFO:  2023/03/01 13:52:51 AS Number: 2033
INFO:  2023/03/01 13:52:51 AS Country: US
INFO:  2023/03/01 13:52:51 Checking for PTR record
INFO:  2023/03/01 13:52:52 PTR entry: mx01.example.com.
INFO:  2023/03/01 13:52:52 PTR matches MX record
INFO:  2023/03/01 13:52:52 Checking for SPF record
INFO:  2023/03/01 13:52:52 SPF set
INFO:  2023/03/01 13:52:52 example.com.	3600	IN	TXT	"v=spf1 mx a ip4:266.14.5.162/32 a:mx01.example.com~all"
INFO:  2023/03/01 13:52:52 Checking for MTA-STS
INFO:  2023/03/01 13:52:52 MTA-STS not set
INFO:  2023/03/01 13:52:52 Checking for open e-mail ports
INFO:  2023/03/01 13:53:12 Open ports: [25]
INFO:  2023/03/01 13:53:12 Checking for open relay
INFO:  2023/03/01 13:53:15 Server Banner: 220 mx01.example.COM ESMTP Postfix
INFO:  2023/03/01 13:53:15 StartTLS supported
INFO:  2023/03/01 13:53:15 Certificate is valid
INFO:  2023/03/01 13:53:15 VRFY command not supported.
INFO:  2023/03/01 13:53:15 Fake sender accepted.
INFO:  2023/03/01 13:53:15 Recipient not accepted. Skipped further open relay tests.
INFO:  2023/03/01 13:53:15 Server is not an open relay

INFO:  2023/03/01 13:53:15 Test finished.

Check for authentication

There is no check whether the server needs authentication. However, you can do two runs:

The first one uses a from and to address outside the mail server’s scope, e.g.:

mxcheck -s example.com -f info@baz.com -t boss@foo.org

The second one uses a from and a to address from the mail server’s scope, e.g.:

mxcheck -s example.com -f info@example.com -t boss@example.com

If the first one returns Server is not an open relay and the second one returns Server is probably an open relay the server is not an open relay, but you can send mails from local to local addresses without authentication