Detecting DKIM and DMARC settings

Question

I am trying to build a tool to check for the presence of DKIM and DMARC for a particular domain. The issue with detecting DKIM is that I cannot check the TXT record of the domain because the DKIM selector is unknown to me as this is a query that will be run without recipient of an email from that sender. I also cannot find useful information on grabbing DMARC policies via PHP either. I've been trying the last two days and all I've managed to nail is an SPF check.

Any help provided would be appreciated!

Answer 1

As you said you're not going to be able to grab the DKIM record, because you won't know what the selector is, unless you have a signed email from that domain.

However, the DMARC check is just like the SPF Check. You're looking for a TXT record under _dmarc.exampledomain.com that starts with v=DMARC1

When you do SPF you're looking for a TXT record under EXAMPLEDOMAIN.COM that starts with v=spf1, It's pretty much the same the same you just need to add the _dmarc. in from of the domain name before you do the lookup.

Answer 2

@Brijesh Tanwar - Can you please send the code. how to get DKIM and DMARC records. I have tried this but it's not working for me.

To check DMARC

$result = dns_get_record("_dmarc.yourdomain.com",DNS_TXT);
print_r($result);

To check SPF

$result = dns_get_record("yourdomain.com",DNS_TXT);
print_r($result);

To check DKIM (if you know the selector)

$result = dns_get_record("selector._domainkey.yourdomain.com.",DNS_TXT);
print_r($result);