DNS & Domain Agent
dns.check.jsWhat This Agent Does
The DNS & Domain Agent validates DNS configuration and email security settings, including MX records, SPF, DKIM, and DMARC policies that protect against email spoofing.
Category Information
| Property | Value |
|---|---|
| Category Name | DNS & Domain |
| Category Icon | |
| Source File | src/checks/dns.check.js |
Checks Performed
DNS Resolution
Verifies that the domain resolves to valid IP addresses (A/AAAA records).
MX Records
Checks for mail exchange servers configured for the domain.
SPF Record
Validates Sender Policy Framework to prevent email spoofing.
DKIM
Checks for DomainKeys Identified Mail signatures.
DMARC Policy
Validates Domain-based Message Authentication policy.
CAA Records
Checks Certificate Authority Authorization records.
Data Sources
Libraries Used
dns— Node.js built-in DNS moduledns.promises— Promise-based DNS lookups
DNS Query Types
const dns = require('dns').promises;
// A records (IPv4)
const aRecords = await dns.resolve4(hostname);
// AAAA records (IPv6)
const aaaaRecords = await dns.resolve6(hostname);
// MX records
const mxRecords = await dns.resolveMx(hostname);
// TXT records (for SPF, DKIM, DMARC)
const txtRecords = await dns.resolveTxt(hostname);
const dmarcRecords = await dns.resolveTxt(`_dmarc.${hostname}`);Email Security Checks
SPF Record Format
v=spf1 include:_spf.google.com ~allSpecifies which servers are allowed to send email for the domain.
DMARC Record Format
v=DMARC1; p=reject; rua=mailto:dmarc@example.comDefines policy for handling failed SPF/DKIM checks.
Return Value
{
category: 'DNS & Domain',
icon: 'globe',
score: 0-100,
checks: [
{
name: 'DNS Resolution',
status: 'pass',
description: 'Domain resolves to 1.2.3.4',
severity: 'critical'
},
{
name: 'SPF Record',
status: 'pass' | 'fail' | 'warn',
description: 'SPF record found and valid',
severity: 'high'
},
// ... more checks
]
}