# Mail Domain Check CLI

> A dependency-free Node.js 20+ command for public MX, SPF, DKIM, DMARC, MTA-STS, TLS-RPT, PTR, and CAA diagnostics. No account is required.

## Run

```sh
curl -fsSLO https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/cli/mail-domain-check.mjs
node mail-domain-check.mjs example.com
```

Supply real sending details when available:

```sh
node mail-domain-check.mjs example.com \
  --selector google \
  --sending-ip 8.8.8.8
```

## Options

- `--selector <name>` checks one explicit DKIM selector instead of guessing provider-specific names.
- `--sending-ip <address>` accepts an actual public IPv4 or IPv6 outbound address for PTR and A/AAAA forward confirmation.
- `--json` prints the public scan response as machine-readable JSON.
- `--lang zh` prints human-readable titles, summaries, and labels in Chinese.
- `--help` and `--version` do not call the network.

## Privacy and limits

The command sends the supplied domain, selector, and optional sending IP over HTTPS to the public scan API. Free analytics retain irreversible hashes and aggregate metrics, not raw domains or sending IPs. The public endpoint is rate-limited and intended for interactive diagnostics, not bulk enumeration.

The free response intentionally omits complete evidence and remediation actions. The command ends with a prefilled browser-scanner URL where a user can rerun the free check and purchase an automatically delivered complete report.

## Related files

- CLI source: `https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/cli/mail-domain-check.mjs`
- API documentation: `https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/developers/api/`
- OpenAPI: `https://mail-domain-check-zac2.coral-ibis-2405.chatgpt.site/openapi.json`

Results describe public configuration at scan time. They do not guarantee inbox placement and do not replace a complete security or compliance audit.
