MailFail by Hacks and Hops
MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdomain. The extension's UI popup highlights any misconfigurations in red and links to supporting documentation.
You'll need Firefox to use this extension
Extension Metadata
Screenshots
About this extension
<b>Code</b>
This addon is free and open-source software (FOSS) all code can be found here: https://github.com/ACK-J/MailFail
Please report your bugs or feature requests in a GitHub issue instead of in a review.
<b>Test if it works! </b>
<a href=https://m.ail.fail/>https://m.ail.fail/</a>
<b>This addon checks misconfigurations with the following protocols:</b>
<ol>
<li> SPF
<li> DMARC
<li> DKIM
<li> ARC
<li> BIMI
<li> MX
<li> MTA-STS
<li> DANE
<li> DNSSEC
<li> SMTP TLS Reporting
<li> ADSP
<li> Mail Channels
<li> NSEC
<li> NSEC3
<li> SRV
<li> Click <a href="https://github.com/ACK-J/MailFail/tree/main?tab=readme-ov-file#what-misconfigurations-are-checked">HERE</a> to read the specifics.
</b>
</ol>
<b>Why I wrote this addon?</b>
While researching email security for a few months I realized that there was a lot of nuance in how different email security protocols worked. It was very confusing at times and I wanted to organize all the different edge cases into a single tool that could help others identify these misconfigurations without having to read through dozens of RFCs. This extension was supposed to be 100 lines of code written in an afternoon, instead it has reached almost 2,000 lines of code over multiple months.
<b>Donations</b>
<ul>
<li>Monero Address: <b>89jYJvX3CaFNv1T6mhg69wK5dMQJSF3aG2AYRNU1ZSo6WbccGtJN7TNMAf39vrmKNR6zXUKxJVABggR4a8cZDGST11Q4yS8</b>
</ul>
<b>Permissions Needed</b>
<ul>
<strong>Display notifications to you</strong>
<li> This is needed so the addon can alert you when a severe misconfiguration is discovered.</li>
<strong>Access browser tabs</strong>
<li> This is needed so the addon can display the proper number of misconfigurations on a per-tab basis.</li>
</ul>
<b>Privacy Warning</b>
<ul>
<li>This extension does not use your computers default DNS and instead uses CloudFlare's 1.1.1.1 over DoH. It also uses duckduckgo's icon API to privately retrieve websites favicon images.</li>
</ul>
This addon is free and open-source software (FOSS) all code can be found here: https://github.com/ACK-J/MailFail
Please report your bugs or feature requests in a GitHub issue instead of in a review.
<b>Test if it works! </b>
<a href=https://m.ail.fail/>https://m.ail.fail/</a>
<b>This addon checks misconfigurations with the following protocols:</b>
<ol>
<li> SPF
<li> DMARC
<li> DKIM
<li> ARC
<li> BIMI
<li> MX
<li> MTA-STS
<li> DANE
<li> DNSSEC
<li> SMTP TLS Reporting
<li> ADSP
<li> Mail Channels
<li> NSEC
<li> NSEC3
<li> SRV
<li> Click <a href="https://github.com/ACK-J/MailFail/tree/main?tab=readme-ov-file#what-misconfigurations-are-checked">HERE</a> to read the specifics.
</b>
</ol>
<b>Why I wrote this addon?</b>
While researching email security for a few months I realized that there was a lot of nuance in how different email security protocols worked. It was very confusing at times and I wanted to organize all the different edge cases into a single tool that could help others identify these misconfigurations without having to read through dozens of RFCs. This extension was supposed to be 100 lines of code written in an afternoon, instead it has reached almost 2,000 lines of code over multiple months.
<b>Donations</b>
<ul>
<li>Monero Address: <b>89jYJvX3CaFNv1T6mhg69wK5dMQJSF3aG2AYRNU1ZSo6WbccGtJN7TNMAf39vrmKNR6zXUKxJVABggR4a8cZDGST11Q4yS8</b>
</ul>
<b>Permissions Needed</b>
<ul>
<strong>Display notifications to you</strong>
<li> This is needed so the addon can alert you when a severe misconfiguration is discovered.</li>
<strong>Access browser tabs</strong>
<li> This is needed so the addon can display the proper number of misconfigurations on a per-tab basis.</li>
</ul>
<b>Privacy Warning</b>
<ul>
<li>This extension does not use your computers default DNS and instead uses CloudFlare's 1.1.1.1 over DoH. It also uses duckduckgo's icon API to privately retrieve websites favicon images.</li>
</ul>
Rate your experience
PermissionsLearn more
This add-on needs to:
- Display notifications to you
- Access browser tabs
More information
- Add-on Links
- Version
- 1.0.21
- Size
- 527.89 KB
- Last updated
- 2 months ago (Mar 4, 2025)
- Related Categories
- License
- GNU General Public License v3.0 only
- Version History
Add to collection
Release notes for 1.0.21
- updated t=y finding
More extensions by Hacks and Hops
There are no ratings yet- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet