A service to test mail servers for best practices.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
api
config
db
dns
mail
template
util
.gitignore
.travis.yml
Corefile
LICENSE
README.md
config.json
main.go

README.md

Gophish Healthcheck

Build Status GoDoc

A service to test mail servers for best practices.

Current Status

This is considered pre-alpha at this point. Development is still very much ongoing.

Testing for Best Practices

When setting up a mail server, there's huge lists of best practices that describe what security settings to apply. Things like enforcing email authentication (SPF, DKIM, DMARC), filtering out certain attachment filetypes, adding external subject tags, and more.

Setting up the configuration can be tricky enough, but how do you test it? Not only that, but how do you continously test it to make sure your security policy doesn't decrease over time? And then how do you test every mail server?

That's the problem that Gophish Healthcheck aims to solve.

What Does it Test?

To start, Gophish Healthcheck is going to let you send emails that either pass or fail email authentication. That is, we test:

  • SPF
  • DKIM
  • DMARC

Once this is working, we'll add support for various attachment types, such as office documents with macros, executable files, and more.

If you have a different test you'd like to see added, let us know!