Quick MX Auth Lookup Tool Changelog ------------------------------------- Things still to do: 1. DMARC records that have no "ruf" tag, and thus no failure reporting options ("fo" tag), should be ignored. 2. Need to add checking for "ruf" value in DMARC (need examples for testing, please, if you find them) 3. Fix bug where domain without mx, or failing dns, doesn't report rocketscum. (fringe issue, but if you see examples, let me know) 4. Need examples of Yahoo and other major ISP DKIM _domainkey TXT record names to add DKIM parsing ability for those records. 5. Add custom TXT names for DKIM lookups for the major mail ISP's like Google and such. Also need a way to look up Microsoft DKIM records as they don't seem to have any consistency on how they were added or implemented. Yay, Microsoft, for lack of consistency. -_-;; These are items that are rare, so they may not need to ever be done, as I've only seen them once so far. ------------------------------------- v0.59 - UI changes to move NS records under the registrar block. v0.58 - Fixed bug preventing loading of SPF records on subdomains without mx records. v0.57 - Fixed bug caused by unknown TLDs. v0.56 - Updated registrar lookup code from shell_exec based code to native PHP. Fixed issue with IPv6 SPF records incorrectly reporting as invalid/wrong. v0.55 - Fixed whois timeout issue causing script to run extremely long only to unsuccessfully complete registrar info. A timeout has been added and will stop the registrar lookup at 10 seconds if it either hangs, or fails to complete the lookup in a timely manner. v0.54 - Added registrar lookup. It may not work for every domain, but it should work for most of them. v0.53 - Fixed how the base URL is determined so that nothing needs to be done in the file itself when installing. Just drop it in wherever you want to use it, and off you go! v0.52 - Minor backend changes to make the script portable. v0.51 - Fixed small oops bug I accidently created in the code where it wasn't creating the right URL for copy/paste in the browser address bar. v0.50 - Moved submit button in line with search box to reduce screen usage. Added link to instructions file for using the console API. Added error notice under "RDNS Server Hostname IP List" header for when no IP's are found. v0.49 - Added ability to copy individual page elements. v0.48 - Fixed bug in dark theme. Fixed error catching for dmarc records when dmarc value includes item id, but no value with it. v0.47 - Dark mode fixes. Yes, I boomed a few things. ^_^;; v0.46 - Added dark mode...finally. Sorry for taking so long. ^_^;; To use this feature, just point your browser to https://rocketscum.net/scripts/quickmxauth.php/d/ <- Cookies are not being used for this as they've proven to be too unreliable. So a hard coded link is being used instead. v0.45 - Bug fixes. SPF counter was broke. v0.44 - Bug fix for SPF tracking. Empty values gave false positives. This has been fixed. v0.43 - Fixed error highlighting on SPF to avoid false positives. Added peliminary IPv6 SPF record checking. Works like IPv4, but for v6 IP's. v0.42 - Fixed handling of A, MX and PTR records in SPF which contain hostnames rather than IP's. Added IP owner for MX and NS records. This feature is still kinda beta, so please let me know if these don't report right for any reason. Thanks. Also added PBE email flag. Let me know if you need any other mail services flagged. v0.41 - Added DNS check to look for domains failing RFC by not having an A record for the domain itself, yet it possesses MX records. Also added ISP info for main domain IP. IP owner for other records such as MX and NS coming in future update. Gotta make sure it works right for the domain first. Removed reset button on form as it's not really needed. v0.40 - Added "rebound" option for failed domain lookups in case a typo was made. This prevents having to retype everything. v0.39 - Fixed counting bug with SPF records where A and MX entries would get double counted leading to false positives of >13 entries when there really weren't. v0.38 - Fixed bug where a dot at the end gave a bad lookup. v0.37 - Fixed bug with SPF length reporting function. v0.36 - Added duplicate DKIM alert message. Minor UI tweaks. Fixed bug in copy block. v0.35 - Bug fix. "RDNS Server Hostname IP List" would report this script's server's IP instead of NA when no hostname A record or IP available. v0.34 - Bug fix. I boofed my formatting on the last update. ^_^;; Also found a counting bug in the script. v0.33 - Added test for duplicate dmarc and spf records. Now it not only shows the duplicate records, but also adds a red warning flag. DKIM has been skipped for now for that flag as duplicates on that are pretty easy to spot, and super rare. v0.32 - Bug fix. The function that removes www from a domain name was unintentionally truncating some domain names, giving false positive "domain not found" errors. v0.31 - Added RNDS IP list with ip highlighting to verify if rdns lookups are working right. Added autofocus for input box to form on main page to eliminate need to click in the box anymore. v0.30 - Bug fixes and UI tweaks. Moved "domain not found" error message into main form box for easier viewing, and quicker lookup reattempts. v0.29 - Enlarged input box, and made font larger, so easier to read. Added ability to parse not just URL's or domains for mail auth info, but also emails now. v0.28 - Minor bug fixes, mostly in the copy block. v0.27 - Minor UI improvements. v0.26 - Added ability to call the script from curl via AP. To use the API feature, open a console window and enter "curl https://rocketscum.net/test/quickmxauth.php/c/" at the command line, then hit enter, to pull up info on the domain you're querying. Example: curl https://rocketscum.net/test/quickmxauth.php/c/google.com <- This will bring up the same text as can be found in the text copy block you would find on themain webpage. This is good for automations. Also added SPF length check. Entries with more than 13 entries automatically fail. v0.25 - Added test for missing A record on rDNS server hostname. If the rDNS record test fails, AND there's no server hostname to match with rDNS, it'll throw up a flag for missing A record. Otherwise, if it's just a normal mismatch, it'll show the standard "rDNS does not match hostname" error. v0.24 - Fixed bug with new MX and NS IP verification function, as it was falsely reporting no A record on MX records with round robin IP's. v0.23 - Fixed bug where, if no A record or IP/glue record was specified for either the MX or NS records, it would pull up an invalid IP (my server) instead of responding with a "not found" error message. Added "(ip_address)" output to copy block for domain name so it lines up with the output of the regular page. v0.22 - Fixed bug where double dmarc records showed in the main display section, but not in the copy block. v0.21 - Fixed bug in copy text block for nameservers. All entries were reporting the same IP rather than the unique ones. v0.20 - Fixed bug with certain "out of band" SPF and DMARC records that broke syntax checking, yet are RFC valid. v0.19 - Bug fixes. Minor UI improvements. v0.18 - Bug fixes. Minor UI improvements. v0.17 - Further improvements on syntax checking for SPF and DMARC. SPF syntax checking finalized. DMARC checking finalized. Added SPF/DMARC record failure syntax highlighting to show when a particular part of a record fails. All that remains now is to look for edge cases to add further checks and failsafes to the syntax testing. v0.16 - Further improvements on syntax checking for SPF and DMARC. A marker denoting that syntax checker results are considered "beta" was added. v0.15 - Added source of mail auth output in copy block for SF note origin reference. Added informational icons to explain each section and their shell equivalent commands. Added SPF and DMARC syntax tests. These are only currently in prototype form, so please doublecheck syntax when reviewing SPF and DMARC. DKIM syntax checking is not possible at this time, but may be added in a later version. v0.14 - Bug fixes mostly. Fixed display of copy block when 3rd party mail services, like Outlook, generate alert notices. Added rdns forward/reverse verification. Still trialing this. Please let me know if you have feedback on this. v0.13 - Fixed results output so that the correct word case is properly displayed on records like DKIM and SPF. v0.12 - UI improvements. Fixed bug in copy pasta block for dmarc reporting. v0.11 - Took script out of beta. Fixed copy text so it's better formatted. Fixed domain/url verification. If NX domain it now reports it as such. It also handles URL's better when doing domain mx verification. Also added some UI changes for easier use and viewing. v0.10 - Fixed bug with spf record listing giving bad results if no txt record exists. v0.9 - Fixed one click copy button bug for Chrome and Windows browsers. v0.8 - Added copy/paste block, and quick copy button for text formatted output. v0.7 - Fixed bug with rdns lookup if no rdns present. Also, set ip info to pull off last mx record rather than domain itself. Improved layout and look to be easier on the eyes and better presented. v0.6 - Added better sanity checks for extraneous characters in domain name and URL. Fixed bugs with URL validation and parsing. Added "test another" form to bottom of page. Added checks for non-resolving domains. v0.5 - Added IP addresses to mail/ns servers and domain. Added rdns lookup for mx server. v0.4 - Cleaned up URL that the script generates to create a nice and clean copy/paste link to use in your notes or to customers. Moved from alpha to beta state. v0.3 - Added "Domain Queried" listing at the top of the page to show what was searched for mx auth info. Fixed domain failing validation if spaces present at beginning or end. Added specialized tests for protonmail. v0.2 - Added permalink, error trapping, debugging for domain lookup failures. v0.1 - Initial beta, testing, proof of concept