id: mx-fingerprint info: name: MX Record Detection author: pdteam severity: info description: An MX record was detected. MX records direct emails to a mail exchange server. reference: - https://www.cloudflare.com/learning/dns/dns-records/dns-mx-record/ - https://mxtoolbox.com/ classification: cwe-id: CWE-200 metadata: max-request: 1 tags: dns,mx dns: - name: "{{FQDN}}" type: MX matchers: - type: regex part: answer regex: - "IN\tMX\\t(.+)$" extractors: - type: regex group: 1 regex: - "IN\tMX\t(.+)" # digest: 4a0a0047304502205efe2d8fc4f39144631e42eaf8d4e45773974e43ff3d2db923203db6e044be4d022100c3fb0ba12d80ceff4ea27c45f1a3380ff6727b8a747803d3899a255fb2672f0f:922c64590222798bb761d5b6d8e72950