Skip to content

easybill/spf-check

BranchesTags

Repository files navigation

SPF Check

A high-performance web service that checks if a target domain is included (directly or indirectly) in another domain's SPF (Sender Policy Framework) record chain.

Features

  • 🚀 Fast asynchronous DNS lookups
  • 🔄 Recursive checking of SPF include chains
  • 📋 Returns complete SPF record and include chain information
  • 💓 Health check endpoint
  • 🔒 Secure and efficient with Rust
  • 🌐 Easy to use HTML UI

API

Check SPF Record

Checks if a target domain is included in another domain's SPF record chain.

GET /api/v1/check-spf?domain={domain}&target={target}

Parameters

  • domain: The domain to check the SPF record for (e.g., example.com)
  • target: The domain to look for in the SPF include chain (e.g., _spf.example.com)

Success Response

{
    "found": true,
    "checked_domains": 3,
    "domain": "example.com",
    "target": "spf.protection.outlook.com",
    "elapsed_ms": 42,
    "has_spf_record": true,
    "spf_record": "v=spf1 include:spf.protection.outlook.com -all",
    "included_domains": ["spf.protection.outlook.com"],
    "fallback_check": false
}
  • found: Boolean indicating if the target was found in the SPF chain
  • checked_domains: Number of domains checked in the process
  • domain: The original domain that was checked
  • target: The domain that was searched for
  • elapsed_ms: Time taken for the check in milliseconds
  • has_spf_record: Boolean indicating if the domain has an SPF record
  • spf_record: The complete SPF record of the main domain (if exists, otherwise null)
  • included_domains: List of domains included in the main SPF record (if exists, otherwise null)
  • fallback_check: Boolean indicating if a fallback check was performed (if the target was not found in the SPF record)

Error Response

{
    "error": "DNS_LOOKUP_FAILED"
}

Common error codes:

  • DNS_LOOKUP_FAILED: Unable to perform DNS lookup or TXT record does not exist
  • SPF_PARSE_FAILED: Invalid SPF record format

Health Check

GET /health

Returns 200 OK if the service is running.

HTML UI

http://localhost:8080/ui

Returns a simple HTML UI for checking SPF records.

Example Usage

Check if outlook.com's SPF is included in example.com's SPF chain:

curl "http://localhost:8080/api/v1/check-spf?domain=example.com&target=spf.protection.outlook.com"

Installation

  1. Ensure you have Rust installed
  2. Clone the repository
  3. Build and run:
cargo build --release
./target/release/spf-check

The service will listen on 0.0.0.0:8080 by default.

Performance

  • Asynchronous processing allows handling multiple requests simultaneously
  • Each request maintains its own state, preventing cross-request interference
  • Efficient DNS caching through the trust-dns-resolver

Dependencies

  • axum: Web framework
  • tokio: Async runtime
  • trust-dns-resolver: DNS resolution
  • decon-spf: SPF record parsing
  • serde: Serialization/Deserialization
  • chrono: Timestamp formatting

About

Fast web service to validate SPF record chains and check domain inclusions in DNS SPF records.

Topics

rust microservice spf tokio-rs

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases 4

0.1.3 Latest
Jul 7, 2025
+ 3 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages