A mail security scanner that audits SMTP servers and domain mail configuration. Performs both passive DNS-based checks and active connection-based checks.
go build -o smtp-tester .# Scan a domain (passive DNS checks only)
smtp-tester --domain example.com
# Scan a domain with connection-based checks
smtp-tester --domain example.com --invasive
# Scan a specific host directly
smtp-tester --host 192.168.1.10 --invasive
# Custom port and timeout
smtp-tester --domain example.com --port 587 --timeout 15 --invasive| Flag | Default | Description |
|---|---|---|
--domain |
Domain to scan (MX lookup + all DNS checks) | |
--host |
SMTP host IP/hostname to connect to directly | |
--port |
25 |
SMTP port |
--timeout |
10 |
Connection timeout in seconds |
--invasive |
false |
Enable connection-based checks |
| Check | Description |
|---|---|
| MX Lookup | Discovers mail servers, sorted by priority |
| SPF | Parses v=spf1 record, evaluates policy strength (-all, ~all, +all) |
| DMARC | Parses _dmarc TXT record, shows policy, subdomain policy, report addresses |
| DKIM | Probes 25+ common selectors (google, selector1, k1, default, etc.) |
| Reverse DNS (PTR) | Checks if PTR record matches forward hostname (FCrDNS) |
| DNSBL | Checks 8 major blacklists (Spamhaus, SpamCop, Barracuda, SORBS, etc.) |
| Check | Description |
|---|---|
| Banner Fingerprint | Grabs 220 banner, identifies server software (Postfix, Exim, Exchange, etc.) |
| EHLO Extensions | Parses AUTH methods, SIZE limit, PIPELINING, 8BITMIME, DSN, STARTTLS |
| STARTTLS + TLS Audit | Tests STARTTLS negotiation, TLS version, cipher, certificate validation |
| Open Relay | Tests if server relays mail for external addresses |
| Catch-All Detection | Tests if server accepts mail for any address |
| User Enumeration | VRFY then RCPT TO against a basic wordlist (25 common usernames) |
Always runs — checks if the SMTP port is reachable before attempting connection checks. Reports latency, timeout, or refused status.
smtp-tester/
├── main.go # CLI flags, orchestration
├── models/
│ └── models.go # Finding, ScanSummary, BasicWordlist
├── output/
│ ├── colors.go # ANSI color constants
│ └── display.go # Banner, status functions, summary printer
└── checks/
├── spf.go # SPF record check
├── dmarc.go # DMARC record check
├── dkim.go # DKIM selector probing
├── ptr.go # Reverse DNS check
├── dnsbl.go # Blacklist check
├── banner.go # SMTP banner fingerprinting
├── extensions.go # EHLO extensions parsing
├── tls.go # STARTTLS + certificate audit
├── relay.go # Open relay check
├── catchall.go # Catch-all detection
└── enumerate.go # User enumeration (VRFY/RCPT TO)
None. Use responsibly at your own risk on systems you are authorized to test.