emailsec

Repository: https://github.com/yourusername/emailsec

Documentation: https://yourusername.github.io/emailsec

PyPI: https://pypi.org/project/emailsec

builds.sr.ht status

emailsec authenticates incoming emails with SPF, DKIM, DMARC, and ARC.

This project is still in early development.

Authentication Protocols

  • SPF (Sender Policy Framework) - RFC 7208
    Verifies the sending IP address is authorized to send email for a domain

  • DKIM (DomainKeys Identified Mail) - RFC 6376
    Validates email authenticity using cryptographic signatures

  • DMARC (Domain-based Message Authentication, Reporting, and Conformance) - RFC 7489
    Combines SPF and DKIM results with policy enforcement

  • ARC (Authenticated Received Chain) - RFC 8617
    Preserves authentication results across email forwarding

Sender Policy Framework

RFC 7208-compliant parser and checker.

Parser

>>> from emailsec.spf.parser import parse_record
>>> parse_record("v=spf1 +a mx/30 mx:example.org/30 -all")
[A(qualifier=<Qualifier.PASS: '+'>, domain_spec=None, cidr=None),
 MX(qualifier=<Qualifier.PASS: '+'>, domain_spec=None, cidr='/30'),
 MX(qualifier=<Qualifier.PASS: '+'>, domain_spec='example.org', cidr='/30'),
 All(qualifier=<Qualifier.FAIL: '-'>)]

Checker

>>> import asyncio
>>> from emailsec.spf import check_spf
>>> asyncio.run(check_spf(sender_ip="192.0.2.10", sender="hello@example.com"))
SPFCheck(result=<SPFResult.PASS: 'pass'>, domain='example.com', explanation='')

Complete Email Authentication

>>> import asyncio
>>> from emailsec import authenticate_message, SMTPContext
>>>
>>> smtp_ctx = SMTPContext(
...     client_ip="192.0.2.10",
...     envelope_sender="sender@example.com",
...     envelope_recipients=["recipient@company.com"]
... )
>>>
>>> raw_email = b"""From: sender@example.com
... To: recipient@company.com
... Subject: Test Message
...
... Hello world!"""
>>>
>>> asyncio.run(authenticate_message(smtp_ctx, raw_email))

Contribution

Contributions are welcome but please open an issue to start a discussion before starting something consequent.

License

Copyright (c) 2025 Thomas Sileo and contributors. Released under the MIT license.

 1"""
 2**Repository:** https://github.com/yourusername/emailsec
 3
 4**Documentation:** https://yourusername.github.io/emailsec
 5
 6**PyPI:** https://pypi.org/project/emailsec
 7
 8.. include:: ../../README.md
 9   :start-line: 1
10"""