Skip to content

Instantly share code, notes, and snippets.

@seanthegeek

seanthegeek/checkdmarc-banking.json

Created October 29, 2024 14:40
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save seanthegeek/61b2634de4a1377af74d6ac7b0b0ff5b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save seanthegeek/61b2634de4a1377af74d6ac7b0b0ff5b to your computer and use it in GitHub Desktop.
Download ZIP
Output of checkdmarc --skip-tls ally.com bankofamerica.com chase.com
Raw
checkdmarc-banking.json
[
{
"domain": "ally.com",
"base_domain": "ally.com",
"dnssec": false,
"ns": {
"hostnames": [
"gns5.ally.com",
"gns8.ally.com",
"gns7.ally.com",
"gns6.ally.com"
],
"warnings": []
},
"mx": {
"hosts": [
{
"preference": 10,
"hostname": "mxa-00239e02.gslb.pphosted.com",
"addresses": [
"205.220.165.100"
],
"dnssec": false
},
{
"preference": 10,
"hostname": "mxb-00239e02.gslb.pphosted.com",
"addresses": [
"205.220.165.100"
],
"dnssec": false
}
],
"warnings": []
},
"mta_sts": {
"valid": false,
"error": "An MTA-STS DNS record does not exist for this domain"
},
"spf": {
"record": "v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all",
"valid": true,
"dns_lookups": 1,
"dns_void_lookups": 0,
"warnings": [],
"parsed": {
"pass": [],
"neutral": [],
"softfail": [],
"fail": [],
"include": [
{
"domain": "%{ir}.%{v}.%{d}.spf.has.pphosted.com"
}
],
"redirect": null,
"exp": null,
"all": "softfail"
}
},
"dmarc": {
"record": "v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com",
"valid": true,
"location": "ally.com",
"warnings": [],
"tags": {
"v": {
"value": "DMARC1",
"explicit": true
},
"p": {
"value": "reject",
"explicit": true
},
"fo": {
"value": "1",
"explicit": true
},
"ri": {
"value": 3600,
"explicit": true
},
"rua": {
"value": [
{
"scheme": "mailto",
"address": "dmarc_rua@emaildefense.proofpoint.com",
"size_limit": null
}
],
"explicit": true
},
"ruf": {
"value": [
{
"scheme": "mailto",
"address": "dmarc_ruf@emaildefense.proofpoint.com",
"size_limit": null
}
],
"explicit": true
},
"adkim": {
"value": "r",
"explicit": false
},
"aspf": {
"value": "r",
"explicit": false
},
"pct": {
"value": 100,
"explicit": false
},
"rf": {
"value": "afrf",
"explicit": false
},
"sp": {
"value": "reject",
"explicit": false
}
}
},
"smtp_tls_reporting": {
"valid": false,
"error": "An SMTP TLS Reporting DNS record does not exist for this domain"
},
"bimi": {
"record": "v=BIMI1; l=https://bimi.entrust.net/ally.com/logo.svg;a=https://bimi.entrust.net/ally.com/certchain.pem",
"valid": true,
"selector": "default",
"tags": {
"v": {
"value": "BIMI1"
},
"l": {
"value": "https://bimi.entrust.net/ally.com/logo.svg"
},
"a": {
"value": "https://bimi.entrust.net/ally.com/certchain.pem"
}
},
"image": {
"svg_version": "1.2",
"base_profile": "tiny-ps",
"title": "Ally",
"width": 400.0,
"height": 400.0,
"filesize": "0.867 KB",
"sha256": "154ecfb3469a620b58e10051ec77cd4644321812741e21ff5a9c3bc0a7c04117"
},
"certificate": {
"issuer": {
"C": "US",
"O": "Entrust, Inc.",
"CN": "Entrust Verified Mark CA - VMC2"
},
"subject": {
"C": "US",
"ST": "Michigan",
"L": "Detroit",
"street": "200 Renaissance Ctr",
"jurisdictionC": "US",
"jurisdictionST": "Delaware",
"O": "Ally Financial Inc.",
"businessCategory": "Private Organization",
"serialNumber": "2720811",
"UNDEF": "United States Patent and Trademark Office (USPTO)",
"CN": "Ally Financial Inc."
},
"serial_number": "49954278744903885952847991743177486124",
"expires": "2024-12-03 21:15:34Z",
"valid": true,
"domains": [
"ally.com"
],
"logotype_sha256": "154ecfb3469a620b58e10051ec77cd4644321812741e21ff5a9c3bc0a7c04117"
},
"warnings": []
}
},
{
"domain": "bankofamerica.com",
"base_domain": "bankofamerica.com",
"dnssec": true,
"ns": {
"hostnames": [
"ns6.bac.com",
"ns12.bac.com",
"ns7.bac.com",
"ns11.bac.com",
"ns5.bac.com",
"ns10.bac.com",
"ns8.bac.com"
],
"warnings": []
},
"mx": {
"hosts": [
{
"preference": 10,
"hostname": "mxa-0000ec05.gslb.pphosted.com",
"addresses": [
"208.84.65.230"
],
"dnssec": false
},
{
"preference": 10,
"hostname": "mxb-0000ec05.gslb.pphosted.com",
"addresses": [
"208.86.201.225"
],
"dnssec": false
}
],
"warnings": []
},
"mta_sts": {
"valid": false,
"error": "An MTA-STS DNS record does not exist for this domain"
},
"spf": {
"record": "v=spf1 ip4:171.161.41.178 ip4:171.159.227.167 ip4:171.161.147.155 include:spf-0000ec08.pphosted.com include:spf-0000ec15.pphosted.com ~all",
"valid": true,
"dns_lookups": 2,
"dns_void_lookups": 0,
"warnings": [],
"parsed": {
"pass": [
{
"value": "171.161.41.178",
"mechanism": "ip4"
},
{
"value": "171.159.227.167",
"mechanism": "ip4"
},
{
"value": "171.161.147.155",
"mechanism": "ip4"
}
],
"neutral": [],
"softfail": [],
"fail": [],
"include": [
{
"domain": "spf-0000ec08.pphosted.com",
"record": "v=spf1 ip4:148.163.158.107 ip4:148.163.156.110",
"dns_lookups": 0,
"dns_void_lookups": 0,
"parsed": {
"pass": [
{
"value": "148.163.158.107",
"mechanism": "ip4"
},
{
"value": "148.163.156.110",
"mechanism": "ip4"
}
],
"neutral": [],
"softfail": [],
"fail": [],
"include": [],
"redirect": null,
"exp": null,
"all": "neutral"
},
"warnings": []
},
{
"domain": "spf-0000ec15.pphosted.com",
"record": "v=spf1 ip4:66.159.240.40 ip4:66.159.238.13",
"dns_lookups": 0,
"dns_void_lookups": 0,
"parsed": {
"pass": [
{
"value": "66.159.240.40",
"mechanism": "ip4"
},
{
"value": "66.159.238.13",
"mechanism": "ip4"
}
],
"neutral": [],
"softfail": [],
"fail": [],
"include": [],
"redirect": null,
"exp": null,
"all": "neutral"
},
"warnings": []
}
],
"redirect": null,
"exp": null,
"all": "softfail"
}
},
"dmarc": {
"record": "v=DMARC1; p=reject; fo=1; rua=mailto:auth.report_ns@bankofamerica.com; ruf=mailto:bankofamerica@ruf.agari.com",
"valid": true,
"location": "bankofamerica.com",
"warnings": [],
"tags": {
"v": {
"value": "DMARC1",
"explicit": true
},
"p": {
"value": "reject",
"explicit": true
},
"fo": {
"value": "1",
"explicit": true
},
"rua": {
"value": [
{
"scheme": "mailto",
"address": "auth.report_ns@bankofamerica.com",
"size_limit": null
}
],
"explicit": true
},
"ruf": {
"value": [
{
"scheme": "mailto",
"address": "bankofamerica@ruf.agari.com",
"size_limit": null
}
],
"explicit": true
},
"adkim": {
"value": "r",
"explicit": false
},
"aspf": {
"value": "r",
"explicit": false
},
"pct": {
"value": 100,
"explicit": false
},
"rf": {
"value": "afrf",
"explicit": false
},
"ri": {
"value": 86400,
"explicit": false
},
"sp": {
"value": "reject",
"explicit": false
}
}
},
"smtp_tls_reporting": {
"valid": false,
"error": "An SMTP TLS Reporting DNS record does not exist for this domain"
},
"bimi": {
"record": "v=BIMI1; l=https://bimi.entrust.net/bankofamerica.com/logo.svg; a=https://bimi.entrust.net/bankofamerica.com/certchain.pem",
"valid": true,
"selector": "default",
"tags": {
"v": {
"value": "BIMI1"
},
"l": {
"value": "https://bimi.entrust.net/bankofamerica.com/logo.svg"
},
"a": {
"value": "https://bimi.entrust.net/bankofamerica.com/certchain.pem"
}
},
"image": {
"svg_version": "1.2",
"base_profile": "tiny-ps",
"title": "Bank of America",
"width": 405.4,
"height": 405.4,
"filesize": "1.369 KB",
"sha256": "f46597c77046058e9b7e1b1c666aeb9d61155fc6549cef4114900a6e5f7125dd"
},
"certificate": {
"issuer": {
"C": "US",
"O": "Entrust, Inc.",
"CN": "Entrust Verified Mark CA - VMC2"
},
"subject": {
"C": "US",
"ST": "Illinois",
"L": "Chicago",
"street": "135 S La Salle St",
"jurisdictionC": "US",
"jurisdictionST": "Delaware",
"O": "Bank of America Corporation",
"businessCategory": "Private Organization",
"serialNumber": "2927442",
"UNDEF": "United States Patent and Trademark Office (USPTO)",
"CN": "Bank of America Corporation"
},
"serial_number": "31169944882148210039451758842250145422",
"expires": "2025-06-10 09:23:03Z",
"valid": true,
"domains": [
"bankofamerica.com"
],
"logotype_sha256": "f46597c77046058e9b7e1b1c666aeb9d61155fc6549cef4114900a6e5f7125dd"
},
"warnings": []
}
},
{
"domain": "chase.com",
"base_domain": "chase.com",
"dnssec": false,
"ns": {
"hostnames": [
"ns05.jpmorganchase.com",
"ns1.jpmorganchase.com",
"ns06.jpmorganchase.com",
"ns0119.secondary.cloudflare.com",
"ns0140.secondary.cloudflare.com",
"ns2.jpmorganchase.com"
],
"warnings": []
},
"mx": {
"hosts": [
{
"preference": 10,
"hostname": "cluster14.us.messagelabs.com",
"addresses": [
"67.219.246.221",
"67.219.247.200",
"67.219.250.210"
],
"dnssec": true
},
{
"preference": 20,
"hostname": "cluster14.us.messagelabs.com",
"addresses": []
},
{
"preference": 30,
"hostname": "cluster14.us.messagelabs.com",
"addresses": []
},
{
"preference": 40,
"hostname": "cluster14a.us.messagelabs.com",
"addresses": [
"67.219.246.221",
"67.219.247.200",
"67.219.250.210"
],
"dnssec": true
}
],
"warnings": [
"Hostname cluster14.us.messagelabs.com is listed in multiple MX records"
]
},
"mta_sts": {
"valid": false,
"error": "Unrelated TXT records were discovered. These should be removed, as some receivers may not expect to find unrelated TXT records at _mta-sts.chase.com\n\nv=spf1 -all"
},
"spf": {
"record": "v=spf1 exists:%{i}.spf.chase.com exists:%{i}.spf.hc4673-96.iphmx.com exists:%{i}.spf.hc4698-8.iphmx.com include:tpo.chase.com ip4:207.162.228.0/24 ip4:207.162.229.0/24 ip4:207.162.225.0/24 ip4:196.37.232.50 ip4:159.53.46.0/24 ip4:159.53.36.0/24 ip4:159.53.110.0/24 ip4:159.53.78.0/24 -all",
"valid": true,
"dns_lookups": 4,
"dns_void_lookups": 0,
"warnings": [],
"parsed": {
"pass": [
{
"value": "%{i}.spf.chase.com",
"mechanism": "exists"
},
{
"value": "%{i}.spf.hc4673-96.iphmx.com",
"mechanism": "exists"
},
{
"value": "%{i}.spf.hc4698-8.iphmx.com",
"mechanism": "exists"
},
{
"value": "207.162.228.0/24",
"mechanism": "ip4"
},
{
"value": "207.162.229.0/24",
"mechanism": "ip4"
},
{
"value": "207.162.225.0/24",
"mechanism": "ip4"
},
{
"value": "196.37.232.50",
"mechanism": "ip4"
},
{
"value": "159.53.46.0/24",
"mechanism": "ip4"
},
{
"value": "159.53.36.0/24",
"mechanism": "ip4"
},
{
"value": "159.53.110.0/24",
"mechanism": "ip4"
},
{
"value": "159.53.78.0/24",
"mechanism": "ip4"
}
],
"neutral": [],
"softfail": [],
"fail": [],
"include": [
{
"domain": "tpo.chase.com",
"record": "v=spf1 ip4:68.233.76.14/32 ip4:63.150.74.35/32 ip4:198.64.159.0/24 ip4:198.104.137.206/32 ip4:161.58.88.0/24 -all",
"dns_lookups": 0,
"dns_void_lookups": 0,
"parsed": {
"pass": [
{
"value": "68.233.76.14/32",
"mechanism": "ip4"
},
{
"value": "63.150.74.35/32",
"mechanism": "ip4"
},
{
"value": "198.64.159.0/24",
"mechanism": "ip4"
},
{
"value": "198.104.137.206/32",
"mechanism": "ip4"
},
{
"value": "161.58.88.0/24",
"mechanism": "ip4"
}
],
"neutral": [],
"softfail": [],
"fail": [],
"include": [],
"redirect": null,
"exp": null,
"all": "fail"
},
"warnings": []
}
],
"redirect": null,
"exp": null,
"all": "fail"
}
},
"dmarc": {
"record": "v=DMARC1; p=reject; pct=100; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com;",
"valid": true,
"location": "chase.com",
"warnings": [],
"tags": {
"v": {
"value": "DMARC1",
"explicit": true
},
"p": {
"value": "reject",
"explicit": true
},
"pct": {
"value": 100,
"explicit": true
},
"rua": {
"value": [
{
"scheme": "mailto",
"address": "d@rua.agari.com",
"size_limit": null
}
],
"explicit": true
},
"ruf": {
"value": [
{
"scheme": "mailto",
"address": "d@ruf.agari.com",
"size_limit": null
}
],
"explicit": true
},
"adkim": {
"value": "r",
"explicit": false
},
"aspf": {
"value": "r",
"explicit": false
},
"fo": {
"value": "0",
"explicit": false
},
"rf": {
"value": "afrf",
"explicit": false
},
"ri": {
"value": 86400,
"explicit": false
},
"sp": {
"value": "reject",
"explicit": false
}
}
},
"smtp_tls_reporting": {
"valid": false,
"error": "Unrelated TXT records were discovered. These should be removed, as some receivers may not expect to find unrelated TXT records at _smtp._tls.chase.com\n\nv=spf1 -all"
},
"bimi": {
"record": "v=BIMI1;l=https://vmc.digicert.com/56fc8a64-c1ec-48b1-9f70-ae068ebbe8d0.svg;a=https://vmc.digicert.com/56fc8a64-c1ec-48b1-9f70-ae068ebbe8d0.pem",
"valid": true,
"selector": "default",
"tags": {
"v": {
"value": "BIMI1"
},
"l": {
"value": "https://vmc.digicert.com/56fc8a64-c1ec-48b1-9f70-ae068ebbe8d0.svg"
},
"a": {
"value": "https://vmc.digicert.com/56fc8a64-c1ec-48b1-9f70-ae068ebbe8d0.pem"
}
},
"image": {
"svg_version": "1.2",
"base_profile": "tiny-ps",
"title": "JPMorgan Chase & Co.",
"width": 46.0,
"height": 46.0,
"filesize": "0.653 KB",
"sha256": "690db5aeb3faf7b176e463f2f6ce67c360d8e156611266ed08fd7254d480a12d"
},
"certificate": {
"issuer": {
"C": "US",
"O": "DigiCert, Inc.",
"CN": "DigiCert Verified Mark RSA4096 SHA256 2021 CA1"
},
"subject": {
"jurisdictionC": "US",
"jurisdictionST": "Delaware",
"businessCategory": "Private Organization",
"serialNumber": "691011",
"C": "US",
"ST": "New York",
"L": "New York",
"street": "383 Madison Ave",
"O": "JPMorgan Chase & Co.",
"CN": "JPMorgan Chase & Co.",
"UNDEF": "2015389"
},
"serial_number": "11616056282136456203786402451019966384",
"expires": "2025-08-14 23:59:59Z",
"valid": true,
"domains": [
"chase.com"
],
"logotype_sha256": "690db5aeb3faf7b176e463f2f6ce67c360d8e156611266ed08fd7254d480a12d"
},
"warnings": []
}
}
]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment