The list of DMARC et al deployment tools
https://dmarc.org/resources/deployment-tools/#Message_Validation
identifies
"DMARC, DKIM and SPF Test System at NIST"
https://www.had-pilot.com/
as one of available tests.
afaict, it's the only (?) test site that provides simple checks of
*inbound* to locally-deployed, Postfix-integrated authentication
services; e.g.,
bad-spf - Ask for a message that will fail SPF checks. A reply (sent to
the MAIL FROM address) will be sent from the test system. This reply
will have a spoofed MAIL FROM address, that will result in a failed SPF
check. This is to test receiver SPF checking code.
bad-dkim - Ask for a message that will fail DKIM validation. A reply
(sent to the MAIL FROM address) will be sent from the test system. This
reply will have a DKIM signature that cannot be validated by the DKIM
key stored in the DNS with the stated selector.
non-align - Ask for a message that will fail DMARC policy validation. A
reply (sent to the MAIL FROM address) will be sent from the test system.
The message has a spoofed "from:" address that should fail DMARC
alignment checks.
The trigger address,
tes...@email-test.had.dnsops.gov
appears to be non-functional. Seems to be missing a DNS record ...
Anyone here know of its status?
&/or, is there another available tool that does the same -- testing inbound?
