Email Security Grader™
Test Your Mail Server
Email Security Grader (www.EmailSecurityGrader.com) is an online tool that provides useful information and diagnostics for IT administrators and Mail System managers interested in evaluating the level of security in their mail infrastructure.
Extensive and relevant Email Security Tests
Built around a very simple interface, ESG simply asks for the domain name you want to test. It will then conduct a series of tests and analyses:
- MX records check
- Reverse DNS test
- DNSBL (Spam Blacklist) check
- SPF record verification (server- and client-side)
- Open Relay test and Email format validation
- SMTP, POP3 and IMAP clear text authentication
Once the test is complete, ESG will present the user with a full Email Security Report, including a score (in percent), a rating (from very poor to very good security) as well as an extensive set of information ranging from what each test does to why it is important to solve the issue.
Detailed Email Security Report
The report includes detailed information on each test: what is being tested, and most importantly, why and what the consequences are:
- MX Connection Test: After reading the MX record from the DNS, ESG will attempt to connect to port 25 (smtp), 465 (smtp ssl), 587 (submission) and verify if Submission Auth is available.
- Reverse DNS Test: A DNS lookup and reverse lookup are performed on the IP and the hostname of the MX record.
- DNSBL Verification Test: ESG will check the IPs associated with your MX against 78 DNSBL systems to verify whether or not they may be blacklisted (spam blacklist).
- SPF Server Test: The test will verify whether or not your domain has a corresponding SPF record in the DNS and if its syntax is correct.
- SPF Client Test: Email Security Grader will verify whether or not your server supports SPF lookup and connection rejection.
- Open Relay and Email Format Test: The domain’s mail servers are tested using various combinations of MAIL FROM and RCPT TO addresses, none of which should be considered valid on your system. Various invalid address formats (e.g. the % hack) are also tried.
- SMTP Plain Text Authentication Test: ESG attempts to connect to the mail server on ports 25 and 465. For each connection it checks the list of available authentication (AUTH) methods.
- POP3 Connection Test: The test checks whether the POP3 service responds on ports 995 and 110 on the mail exchange server.
- IMAP Connection and Authentication Test: The tool checks whether the IMAP service responds on port 993 or 143 on the mail exchange server. If the ports are available, the IMAP server’s capabilities are examined.
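The SPF Server Test described above, sketched as an added example (this is not ESG's code): a syntax check of a domain's TXT records against the RFC 7208 grammar, including the limit of 10 DNS-querying terms. The function name `check_spf` is an assumption, and it counts only the terms in the record itself, not those inside included records.

```python
import ipaddress
import re

MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}
# Mechanisms that cost a DNS query; RFC 7208 section 4.6.4 allows at most 10
# querying terms per check (the "redirect" modifier counts as well).
LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists"}
MODIFIER_RE = re.compile(r"^([a-z][a-z0-9_.-]*)=(.*)$", re.I)


def check_spf(txt_records):
    """Return a list of problems in a domain's TXT records; empty list means OK."""
    spf = [r for r in txt_records if r.lower().split(" ")[0] == "v=spf1"]
    if len(spf) != 1:
        return ["no SPF record" if not spf else "multiple SPF records (permerror)"]
    problems, lookups, after_all = [], 0, False
    for term in spf[0].split()[1:]:
        if after_all:
            problems.append(f"'{term}' follows 'all' and is never evaluated")
            continue
        mod = MODIFIER_RE.match(term)
        if mod:  # unknown modifiers are legal; receivers ignore them
            name, arg = mod.group(1).lower(), mod.group(2)
            if name in ("redirect", "exp") and not arg:
                problems.append(f"'{name}=' has no domain")
            lookups += int(name == "redirect")
            continue
        body = term[1:] if term[0] in "+-~?" else term  # strip the qualifier
        name, sep, arg = re.match(r"^([^:/]*)([:/]?)(.*)$", body).groups()
        name = name.lower()
        if name not in MECHANISMS:
            problems.append(f"unknown mechanism '{term}'")
            continue
        if name in ("include", "exists", "ip4", "ip6") and (sep != ":" or not arg):
            problems.append(f"'{name}' requires a ':' argument")
        elif name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
                if net.version != int(name[2]):
                    raise ValueError("address family does not match mechanism")
            except ValueError:
                problems.append(f"bad address in '{term}'")
        lookups += int(name in LOOKUP_MECHS)
        after_all = name == "all"
    if lookups > 10:
        problems.append(f"{lookups} DNS-querying terms exceed the limit of 10")
    return problems
```
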
The Email Security Grader online tool was developed by renowned dev staff as a people-driven project. The technical team wishes to stay in touch with the IT community and get their feedback, comments and improvements on the tool’s entire test suite, results, scoring and relevance. A complete discussion forum is thus made available so that users and developers can discuss and, most importantly, improve the tool. To visit the Email Security Forum and discuss ESG, register an account and log in to the Email Security Forum.
How well do you think you do?
The best way to answer this question is to go to EmailSecurityGrader.com and run the email security test on your domain. When you are done, don’t forget to go discuss the results, the tests and the scoring with the developers and security operations on the Email Security Forum.